'Most sophisticated' iPhone attack chain 'ever seen' used four 0-days to create a 0-click exploit - 9to5Mac
Over at 9to5Mac
But interestingly, Larin, Bezvershenko, and Kucherin note there is a mystery remaining when it comes to CVE-2023-38606 that they’d like help with. Specifically, it’s not clear how attackers would have known about the hidden hardware feature:
We are publishing the technical details, so that other iOS security researchers can confirm our findings and come up with possible explanations of how the attackers learned about this hardware feature.
This just shows how difficult it is to get into an iPhone nowadays.