Apple Safari's zero-day vulnerability (CVE-2024-27834) was exploited at Pwn2Own, prompting the release of security updates to address the flaw by enhancing checks in macOS Monterey and Ventura systems. The flaw allowed attackers to bypass pointer authentication, potentially gaining unauthorized access or executing malicious code. Manfred Paul won the Master of Pwn award by using an integer underflow flaw for remote code execution and received $60,000
iOS 17.5, iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, and macOS Sonoma 14.5 have been patched, urging users to update immediately to mitigate the vulnerability, especially since the flaw is actively being exploited. https://cybersecuritynews.com/apple-safari-zero-day-exploit-patch/