Details of a flaw in Apple s Safari browser were publicly disclosed Tuesday. A three-month-long malicious ad campaign pushed malware to mobile iOS Chrome and iOS desktop browsers. The attacks, attributed to ScamClub, exploited a bug in the open-source WebKit engine. The group is best known for a massive 2018 campaign where it redirected 300 million users to shady phishing sites, serving up adult content and gift card scams. The attack vector can be difficult for both the average person using the internet and businesses alike to handle.
Source: https://threatpost.com/safari-browser-scamclub-campaign-revealed/164023/