https://wccftech.com/apple-paid-75000-to-hacker-to-uncover-zero-day-camera-exploits-in-safari/

Apple paid $75,000 to a hacker to identify multiple zero-day vulnerabilities in Safari. Some of these vulnerabilities could be used to hijack the camera on an iPhone or a MacBook. If you're unfamiliar, a zero-day vulnerability refers to a hole in the software that is not known to the developer or the public.

While the software developer and public are not aware, the vulnerability could be known by the potential attackers who are silently exploiting it. Ryan Pickren discovered the vulnerabilities in Safari once he began to "hammer the browser with obscure corner cases". In total, the security researcher found seven vulnerabilities that involved how Safari analyzed the Uniform Resource Identifiers, initialized secure contexts and managed web origins. Furthermore, three of the vulnerabilities allowed the researcher to get access to the camera by fooling the user to head to a malicious website.