May 7, 2024

WebP Zeroday.

Immediately after the Chrome security update was released, experts began to speculate that there was a link between CVE-2023-4863 and an earlier CVE from Apple, CVE-2023-41064. The theory goes something like this.

Early in September (exact date unknown), Citizen Lab detected suspicious behavior on the iPhone of “an individual employed by a Washington DC-based civil society organization”:

BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild

They attributed the behavior to a “zero-click” exploit for iMessage being used to deploy NSO Group’s Pegasus spyware, and sent their technical findings to Apple. Apple responded swiftly, and on September 7 they released a security bulletin that featured two new CVEs from the attack Citizen Lab identified. On each CVE they note: “Apple is aware of a report that this issue may have been actively exploited.”

https://blog.isosceles.com/the-webp-0day/
