0-days exploited by commercial surveillance vendor in Egypt

Google’s Threat Analysis Group (TAG) discovered an in-the-wild 0-day exploit chain developed by commercial surveillance vendor Intellexa to install its Predator spyware on iPhones. The exploit chain is delivered via a man-in-the-middle attack and was used to target individuals in Egypt. In response, Apple patched the bugs with iOS updates CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993. TAG encourages all iOS users to install these updates as soon as possible for better protection. The Predator spyware has also been observed targeting Android devices in Egypt using similar exploits. Chrome’s “HTTPS-First Mode” can help reduce the likelihood of exploits being delivered via MITM network injection.