Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking

The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.

Apr. 21, 2025 Signup

Daily Edition

Today’s news and insights for cybersecurity professionals

- Today's News and Features -

TOP STORY

Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking‎‎ The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.‎‎ Keep Reading →

Chinese APT Mustang Panda Debuts 4 New Attack Tools‎ The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.‎

CISA Weighs In on Alleged Oracle Cloud Breach‎‎ The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.‎‎

THE EDGE

Could Ransomware Survive Without Cryptocurrency?‎ Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.‎

DR TECHNOLOGY

Attackers and Defenders Lean on AI in Identity Fraud Battle‎ Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.‎

Read More →

- Commentary -

Opinions from thought leaders around the cybersecurity industry

If Boards Don't Fix OT Security, Regulators Will‎‎ Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won't drive up security maturity for operational technology unless they're made to.‎‎

7 RSAC 2025 Cloud Security Sessions You Don't Want to Miss‎‎ Some of the brightest minds in the industry will discuss how to strengthen cloud security.‎‎

More Commentary →

- Upcoming Events -

Apr 22, 2025 Top 5 Most Dangerous Security Vulnerabilities

Apr 23, 2025 Find and Fix Application Vulnerabilities... At Cyber Speed

Aug 2, 2025 [Conference] Black Hat USA - August 2-7 - Learn More

More Events →

- More Resources -

WHITE PAPER Use cases in Google Threat Intelligence: Strategic Threat Intelligence for Financial Institutions

WHITE PAPER Palo Alto Networks: Leader in First-Ever Software Supply Chain Security Report

WHITE PAPER 6 Key Requirements of Multicloud Security

REPORT Building Blocks for Next-Gen Security Operations

More Resources →

- Elsewhere in Cyber Today -

ESET

CapCut copycats are on the prowl

IMPERVA

The Future of SSL Certificate Management: Adapting to Shortened Renewal Periods

CYBERSECURITY DIVE

Ahold Delhaize confirms data stolen after threat group claims credit for November attack

- Do You Find Today’s Newsletter Helpful? -

Yes Not sure No

You received this message because you are subscribed to Dark Reading's Daily newsletter. If a friend forwarded you this message, sign up here to get it in your inbox. Thoughts about this newsletter? Give us feedback.

Advertise With Us | Privacy Policy | Unsubscribe Copyright © 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US