[Information Security Daily]On October 25, 2022, a Pakistani organization was attacked by the hacker SideWinder, and Apple patched the iOS zero-day vulnerability that had been used in the attack.

Pakistani organizations were targeted by hacker SideWinder and launched attacks through backdoor programs. However, the hackers did not directly attack specific organizations, but hacked the websites of local government agencies as a channel for distributing backdoor programs. There are occasional incidents of attackers uploading malicious programs to the code repository GitHub for distribution under the guise of providing a proof-of-concept of a vulnerability, but how serious is this situation? They found nearly 5,000 abused repositories, according to an analysis by Leiden University in the Netherlands. Apple released iOS 16.1 and iPadOS 16, but it is worth noting that the vulnerability CVE-2022-42827, which has been attacked, has been patched. Users should apply the updated program as soon as possible.