CISA Warns About Two New iPhone Flaws Exploited in the Wild

The CISA sounded an alarm against two spyware-style zero-days that affect iPads, Macs, and iPhones. One of the flaws can be abused by any iOS application to run arbitrary code with kernel privileges. In another scenario, attackers can chain the two flaws to cause further damage. The CISA has ordered federal agencies to patch the security flaws by May 1.