WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2026 Poal.co

1.4K

Archive: https://archive.today/48yNI

From the post:

>Mobile devices now sit at the convergence of access, identity, and sensitive corporate data—effectively relocating the enterprise perimeter into every employee’s pocket. Recently observed threats demonstrate that the mobile attack surface has fundamentally expanded, moving beyond app-based malware to include sophisticated, hit-and-run campaigns that can disrupt operations and trigger material financial damage faster than traditional attack vectors.

Archive: https://archive.today/48yNI From the post: >>Mobile devices now sit at the convergence of access, identity, and sensitive corporate data—effectively relocating the enterprise perimeter into every employee’s pocket. Recently observed threats demonstrate that the mobile attack surface has fundamentally expanded, moving beyond app-based malware to include sophisticated, hit-and-run campaigns that can disrupt operations and trigger material financial damage faster than traditional attack vectors.
You are currently inside a comment thread.
Click here to see all the comments (1).
[–] 1 pt

The kill chain begins with Safari encountering the malicious iframe embedded in a web page. Once loaded, Darksword breaks out of the WebContent sandbox and then leverages WebGPU to inject into mediaplaybackd. From there it can craft Kernel read/write access, which it leverages to gain access to privileged processes and modify sandbox restrictions, gaining access to restricted parts of the filesystem.

So all it seems to take is the user visiting an exploit loaded site in the mobile Safari browser. From there it uses a series of exploits to gain full access to the device and steal everything of value (crypto wallets, access tokens, etc.). Then it cleans itself off of the device.

Once again, I am glad I use my phone for almost nothing.

I could imagine an exploit like this for desktop systems too, but it seems that phones are a more important target. That’s where dumb people keep all of their sensitive data and it’s in a limited number of well known places.