Zero-Day Warning: It’s Possible to Hack iPhones Just by Sending Emails Hackers have been exploiting critical 0-click + 0-day RCE vulnerability in the default mail app installed on millions of Apple devices. According to the researchers, there are two remote code execution flaws in Apple’s mail app, both existed for the last 8 years since the release of iOS 6 and also affect the latest iOS 13.4.1 version .only iOS beta 13.4.5 contains security patches.
Researchers spotted in-the-wild-attacks and discovered the related flaws almost two months ago and reported it to the Apple security team.
Researchers claim multiple groups of attackers are already exploiting these flaws—for at least 2 years as zero-days in the wild—to target individuals from various industries and organizations, MSSPs from Saudi Arabia & Israel, and journalists in Europe.
Besides this, it could be tough for Apple users to know if they were targeted as part of these cyber-attacks because attackers delete the malicious email immediately after gaining remote access to the victims’ device.
For millions of iPhone and iPad users, a public software patch will soon be available with the release of the upcoming iOS update.