Bleeping Computer
Project Zero, Google’s zero-day bug-hunting team, discovered a group of hackers that used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year.
The Project Zero team revealed that the hacking group behind these attacks ran two separate campaigns, in February and October 2020.
This month’s report showcases the use of seven zero-days after a previous one published in January showed how four zero-days were used together with n-day exploits to hack potential targets.
Just as before, the attackers used a couple of dozen websites hosting two exploit servers, each of them targeting iOS and Windows or Android users.