A synopsis of the massive ongoing WordPress malware campaign: Balada Injector, including common techniques, functionalities, and vulnerability exploits used in attacks.
Apple confirms the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks.
