Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s causing a large number of offerings from other developers to go unpatched, researchers said Thursday.
You must log in or # to comment.
Deep dive by Ben Hawkes at Isosceles Blog: The WebP 0day
Damn that’s some clusterfuck. My tinfoil senses are tingling. The part on addressing chrome only instead of webp… Seems like a good way for securing pegasus success and at the same time keep plausible deniability
