BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild
BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild
citizenlab.ca
BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild - The Citizen Lab
Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-base...
We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.