The US government has ordered federal agencies to urgently patch Apple zero-day bugs. The Cybersecurity and Infrastructure Security Agency (CISA) has given agencies until October 2 to update their iOS, iPadOS, and macOS devices to mitigate the risk of spyware attacks. The zero-day flaws in Apple's products were discovered by Citizen Lab and were used to deliver the Pegasus spyware. The bugs include a buffer overflow vulnerability in ImageIO and a validation issue in Apple Wallet. The concern is that these exploits could be used to target US government officials. The US government has previously sued NSO Group, the commercial malware developer behind the Pegasus spyware. #USGovernment #Apple #Cybersecurity #ZeroDay #Pegasus

https://www.infosecurity-magazine.com/news/us-government-ordered-patch-apple/