What's the news? On September 7, 2023, Apple notified an update for its devices. The issuance and notification of the new update came after The Citizen Lab, a research group, found that a zero-click vulnerability was being used to deliver NSO Group’s Pegasus mercenary spyware on Apple's devices. The hack involved sending harmful images in PassKit attachments from the attacker's iMessage account to the victim. However, the exploit chain could hack iPhones running the newest iOS (version 16.6) without needing the user of the device to engage in any interaction, CitizenLab pointed out. Citizen Lab discovered the problem when they were inspecting the device of a person working for a civil society organization based in Washington DC with international offices. They referred to the exploit chain (cyber-attack that involves multiple attacks that are chained together to fully compromise a device) as BLASTPASS. It is important to note that the Pegasus spyware, which was in highlights in 2021, can capture keystrokes, intercept communications, track the device, and use the camera and microphone to spy on the user. What should users do? Users have been suggested to update their devices 'immediately' to avoid any harm. It can secure devices belonging to regular users, companies, and governments around the globe. Moreover, Citizen Lab requested users vulnerable to increased risk because of who they are or what they do to enable Lockdown Mode. Not the first time for Apple: In April 2022, the Citizen Lab found evidence of multiple zero-click iMessage exploits used to…
