CVE-2023-38606
Operation Triangulation is a real 0-click iMessage exploit chain using 4
zero-days (CVE-2023-41990, -32434, -38606, -32435) to install spyware on iOS
up to 16.2. Kaspersky discovered it in 2023 via infected employee devices and
internal monitoring; they reported to Apple, who patched but didn't pay a
bounty.
Attribution to US NSA is alleged by Russia's FSB but unconfirmed by Kaspersky
or independent sources—likely a state actor.
US banned Kaspersky in 2024 over security risks. The attack's sophistication
and costs align with claims; CVE-2023-38606 exploited obscure GPU hardware,
possibly via insider knowledge.
【 在 orient0001 的大作中提到: 】
: 之前看到说imessage漏洞,应该补好了吧,况且现在用这个的少了吧
--
修改:iwannabe FROM 111.55.204.*
FROM 111.55.204.*