A zero day exploit in WebKit (recently patched) affected iOS and macOS users by redirecting their browsing to malicious websites via a criminal group known as ‘eGobbler.’
WebKit Zero Day
Security researcher Eliya Stein:
If we take a snapshot of eGobbler activity from August 1 to September 23, 2019, then we see a staggering volume of impacted programmatic impressions. By our estimates, we believe up to 1.16 billion impressions have been affected.
Security company Compliant found and reported the vulnerability to Google and Apple on August 7. iOS 13 fixed it for Chrome on iOS, and it was fixed for Safari with iOS 13.0.1. About 1.1% of iOS users were affected, and 139% of macOS users were affected.
[PDF Expert 7 Updates With Dark Mode, PencilKit, More]