Risky Bulletin Risky Bulletin: Microsoft restricts Chinese firms’ access to MAPP
9 snips
Aug 21, 2025 Major developments in cybersecurity take center stage, with Microsoft tightening access for Chinese firms to its MAPP program. Apple swiftly addresses a dangerous zero-day vulnerability. A member of the Scattered Spider hacking group faces a hefty 10-year prison sentence. Meanwhile, a new exploit broker emerges in the UAE, highlighting the ever-evolving landscape of digital threats. Russian hackers continue to exploit the SYNful Knock vulnerability, proving that old tricks can still be effective in the cyber realm.
AI Snips
Chapters
Transcript
Episode notes
Microsoft Tightens MAPP Access
- Microsoft limited MAPP access for companies in jurisdictions that require vulnerability reporting to governments.
- It will stop sharing proof-of-concept code and only give general patch descriptions to participants.
Patch Apple ImageIO Zero-Day Now
- Update iOS and macOS immediately to apply Apple's ImageIO patch for the zero-day.
- Treat received media files from unknown senders as potential attack vectors until patched.
Exploit Broker Skyrockets Zero-Day Prices
- A new UAE-based broker, Advanced Security Solutions, offers unprecedented prices for exploit chains.
- They advertise up to $20 million for mobile exploit chains, reshaping the open-market pricing for zero-days.