Security

Pangu Team purportedly jailbreaks iPhone 13 Pro remotely at TianfuCup 2021

The Pangu Team is a name you might remember if you’ve been jailbreaking iPhones and iPads since ye olde days of iOS 9. Despite not releasing a public jailbreak since then, the Pangu Team continues to be hands-on with respect to iOS-related security research.

A wonderful example of that happened just this weekend in Chengdu, China at the TianfuCup (TFC) 2021, where the Pangu Team appears to be taking home the first-place prize in the contest by successfully pwning Apple’s brand-new iPhone 13 Pro running iOS 15 via a remote jailbreak. The earnings? A juicy $330,000 cash prize.

Hacker pattern_F_ goes hands-on with Saar Amar’s new kernel vulnerability, demos jailbreak on iOS 14.0

Security researcher Saar Amar on Monday published a proof of concept (PoC) of a kernel-level vulnerability dubbed CVE-2021-30883 that was patched by Apple’s iOS & iPadOS 15.0.2 software updates.

The write-up reignited hope that we’d see a jailbreak for recent iterations of Apple’s mobile operating systems, and perhaps unsurprisingly, some security researchers have already started going hands-on with it.

Apple will fix AirTag’s Lost Mode vulnerability that could be used for phishing scams

Apple has acknowledged that it's aware of a serious vulnerability plaguing its personal item tracker, dubbed AirTag. The nasty bug allows nefarious actors to redirect the person who finds and scans a lost AirTag to a phishing website instead of the Apple one. The company has confirmed it is working on a fix, saying the solution will be arriving in the next software update.

EntitlementFix: Another jailbreak tweak that patches at least 3 known 0-day exploits

It was only about a week after Apple released iOS & iPadOS 14.8 with patches for the zero-click exploits that were actively weaponized in the wild and by the Pegasus spyware that iOS developer Mario Cheung released a jailbreak tweak called FORCEDEXIT to address the issue on pwned handsets running affected firmware versions.

Today, Cheung seems to be at it again with a new and free jailbreak tweak dubbed EntitlementFix, which allegedly fixes three additional 0-day exploits known to impact jailbreakable versions of Apple’s mobile operating systems.