image credit: Unsplash

macOS Zero-Day Exploited to Deliver Malware to Users in Hong Kong

November 12, 2021

According to Google, the attack, discovered in late August, was likely conducted by a well-resourced state-sponsored threat group which, based on the quality of their code, had access to their own software engineering team.

While Google has not named any country, users in Hong Kong have been typically targeted by threat actors sponsored by China.

The watering hole involved the websites of a media outlet and an important pro-democracy labor and political group in Hong Kong. The sites hosted two iframes that served iOS and macOS exploits.

Read More on Security Week