Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
September 18, 2024 | A zero-click vulnerability chain in macOS allowed attackers to bypass security features like Gatekeeper and TCC, exposing sensitive iCloud data, including photos. Researcher Mikko Kenttälä discovered the flaw by exploiting a file sanitization issue in Calendar invites, which enabled remote code execution (RCE) without user interaction.
Apple has since patched the vulnerabilities, but this incident highlights ongoing risks to macOS security.
Zero-Day Exploits Surge in 2023: Cisco and Fortinet Under Fire
Nov 15, 2024 | In 2023, attackers increasingly targeted zero-day vulnerabilities, leveraging flaws in Citrix, Cisco, and Fortinet products to breach enterpris
Sharing of Telegram User Data Surges After CEO Arrest – Critical Start
Jan. 7, 2025 | Telegram, once known for strict user privacy, shared data from 14 to 900 U.S. requests after its CEO’s arrest.
Celebrating the 2024 Women in IT Security Honorees – SC Media
Nov 14, 2024 | Meet the extraordinary women driving innovation in cybersecurity.