Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
US officials and allies have warned about attacks from XakNet and related groups.
