BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild

citizenlab.ca

BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild

citizenlab.ca

@0x815@feddit.de to

Technology@beehaw.org • 10 months ago

BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild - The Citizen Lab

citizenlab.ca

Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.

Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware. This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware, Citizen Lab says.

You must log in or register to comment.

Chat