#ios

Protect your social media presence with tools like privacy checkups, monitoring services, and digital footprint scanners. Stay secure by avoiding oversharing, limiting third-party app permissions, and using strong passwords.

Digital networks are the backbone of global business and communication, making cyber resiliency essential for organizations to thrive.…

### Summary In versions of `dawidd6/action-download-artifact` before v6, a repository's forks were also searched by default when attempting to find matching artifacts. This could be exploited by an unprivileged attacker to introduce compromised artifacts (such as malicious executables) into a privileged workflow context, as creating a fork requires no privileges. Users should immediately upgrade to v6 or newer, which changes the default behavior to avoid searching forks for matching artifacts. Users who cannot upgrade should explicitly set `allow_forks: false` to disable searching forks for artifacts. ### Details GitHub's artifact storage for workflows does not natively distinguish between artifacts created by a repository and artifacts created by forks of that repository. As a result, attempting to retrieve the "latest" artifact for a workflow run can return artifacts produced by a fork, rather than its upstream. Because any GitHub user can create a fork of a public repository, ...

Plus: The worst telecom hack in US history rolls on, iPhones are harder to break into, and more of the week’s top security news.

A security-relevant race between mremap() and THP code has been discovered. Reaching the buggy code typically requires the ability to create unprivileged namespaces. The bug leads to installing physical address 0 as a page table, which is likely exploitable in several ways: For example, triggering the bug in multiple processes can probably lead to unintended page table sharing, which probably can lead to stale TLB entries pointing to freed pages.

Nosebeard Labs has identified a critical vulnerability in the Apple system wide web content filter that allows a full bypass of content restrictions. This vulnerability, which occurs specifically when Screen Time content filtering settings are enabled, permits users or attackers to access restricted websites in Safari without detection. The timeline in this advisory is probably the most interesting thing to note. It shows a Fortune 10 ignoring a concern for years until a news article gets written, and that is truly disappointing. Do better Tim.

Apple Security Advisory 11-19-2024-4 - iOS 17.7.2 and iPadOS 17.7.2 addresses code execution vulnerabilities.

Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.

The future of cybersecurity isn't about preventing every breach — it's about learning and growing stronger with each attack.