The Apple vulnerabilities (CVE-2023-32409, CVE-2023-28204 and CVE-2023-32373) exist in WebKit.
Apple has fixed four zero days in WebKit for iOS, macOS, and Safari that were under active attack.
Apple has patched, for the second time, a vulnerability in the iOS kernel that has been used in jailbreak tools.
Two vulnerabilities affecting the Mail app in iOS have been used in targeted attacks and one of the flaws requires no user interaction for exploitation.
Researchers from Google Project Zero uncovered a multiyear campaign that targeted iPhones with sophisticated exploit chains delivered through hacked websites.