Paul Ducklin (tweet): The security vulnerablities themselves turn out to be a single bug, or at least to be covered by a single bug identifier, CVE-2024-1580, which was found and reported by Nick Galloway, a researcher in Google’s Project Zero bug-hunting team[…] […] We’re guessing, from Apple’s purposeful silence when the first fixes came out […]