InfoSecBulletin Cybersecurity for mankind
Apple released critical updates for its various products including for iOS, iPadOS, macOS, visionOS, and Safari to fix two zero-day vulnerabilities actively being exploited in the wild.
The flaws are listed below:
Microsoft Patches Four Critical Azure and Power Apps Vulns
By infosecbulletin
/ Friday , May 9 2025
Microsoft has fixed critical vulnerabilities in its core cloud services, including Azure Automation, Azure Storage, Azure DevOps, and Microsoft Power...
Read More
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
By infosecbulletin
/ Thursday , May 8 2025
The cyber threat landscape is rapidly changing, with a notable increase in ransomware activity in April 2025, driven by the...
Read More
SonicWall Patches 3 Flaws in SMA 100 Devices
By infosecbulletin
/ Thursday , May 8 2025
SonicWall has released patches for three security flaws in SMA 100 Secure Mobile Access appliances that could allow remote code...
Read More
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
By infosecbulletin
/ Thursday , May 8 2025
From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors,...
Read More
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
By infosecbulletin
/ Thursday , May 8 2025
Cisco has issued a security advisory for a critical vulnerability in its IOS XE Software for Wireless LAN Controllers (WLCs)....
Read More
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
By infosecbulletin
/ Wednesday , May 7 2025
Attackers linked to the Play ransomware operation deployed a zero-day privilege escalation exploit during an attempted attack against an organization...
Read More
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
By infosecbulletin
/ Wednesday , May 7 2025
Hackers are exploiting an unauthenticated remote code execution vulnerability in the Samsung MagicINFO 9 Server to take control of devices...
Read More
CISA adds Langflow flaw to its KEV catalog
By infosecbulletin
/ Tuesday , May 6 2025
CISA added the Langflow vulnerability, CVE-2025-3248 (CVSS score 9.8), to its Known Exploited Vulnerabilities catalog. Langflow is a popular tool...
Read More
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
By infosecbulletin
/ Tuesday , May 6 2025
Google has released its monthly Android security updates, addressing 46 vulnerabilities, including one that has been actively exploited. CVE-2025-27363 (CVSS...
Read More
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
By infosecbulletin
/ Tuesday , May 6 2025
The Cyber Security Club, representing the Department of Computer Science and Engineering at the University of Asia Pacific (UAP), has...
Read More
CVE-2024-44309 : A vulnerability in cookie handling that could allow a cross-site scripting (XSS) attack when processing harmful web content
CVE-2024-44308: JavaScriptCore vulnerability to allow harmful code while handling malicious web content
While the details of the exploitation are not clear, Apple said they are actively exploiting on Intel-based Mac systems.
The below mentioned devices and operating systems got updates:
Users should update their devices to the latest version promptly to protect against potential threats.
