Wednesday , February 12 2025
zero-day

CVE-2025-24200
Apple releases update of zero-day vuln exploited in the Wild

infosecbulletin 17 hours ago Alert, Vulnerabilities

Apple has issued emergency security updates to fix a zero-day vulnerability, CVE-2025-24200, which is being exploited in targeted attacks on iPhone and iPad users.

The vulnerability lets attackers turn off USB Restricted Mode on a locked device, risking unauthorized access to sensitive data. Apple is aware that this issue may have been used in a highly sophisticated attack on certain individuals.

Patch Now
SonicWall firewall vuln allows hackers to hijack VPN sessions

By infosecbulletin / Wednesday , February 12 2025
Bishop Fox security researchers have released detailed information on the CVE-2024-53704 vulnerability, which lets attackers bypass authentication in some versions...
Read More
Patch Now SonicWall firewall vuln allows hackers to hijack VPN sessions

SAP Security Patch February 2025: Multi Vulns Addressed

By infosecbulletin / Tuesday , February 11 2025
SAP has issued new security patches for 19 vulnerabilities and updated 2 previous Security Notes. This Patch Day features fixes...
Read More
SAP Security Patch February 2025: Multi Vulns Addressed

TRACKING RANSOMWARE
Akira Topped January 2025 as the Most Active Ransomware Threat

By infosecbulletin / Tuesday , February 11 2025
In January 2025, there were 510 global ransomware incidents, with Akira as the leading group and new ones like MORPHEUS...
Read More
TRACKING RANSOMWARE Akira Topped January 2025 as the Most Active Ransomware Threat

FinStealer Malware Targets Indian Bank’s Mobile Users, Stealing Credentials

By infosecbulletin / Tuesday , February 11 2025
CYFIRMA analysis reveals a sophisticated malware campaign that exploits a major Indian bank's brand through fake mobile apps. These apps,...
Read More
FinStealer Malware Targets Indian Bank’s Mobile Users, Stealing Credentials

CVE-2024-52875
Over 12,000 Firewall Vulnerable to 1-Click RCE Exploit

By infosecbulletin / Tuesday , February 11 2025
Over 1,200 firewall instances are vulnerable to a critical remote code execution issue, known as CVE-2024-52875. The vulnerability is found...
Read More
CVE-2024-52875 Over 12,000 Firewall Vulnerable to 1-Click RCE Exploit

CVE-2025-24200
Apple releases update of zero-day vuln exploited in the Wild

By infosecbulletin / Tuesday , February 11 2025
Apple has issued emergency security updates to fix a zero-day vulnerability, CVE-2025-24200, which is being exploited in targeted attacks on...
Read More
CVE-2025-24200 Apple releases update of zero-day vuln exploited in the Wild

Zimbra Releases Updates for SQL Injection, XSS, and SSRF Vulns

By infosecbulletin / Monday , February 10 2025
Zimbra has released updates for its Collaboration software to fix critical security flaws that could lead to information disclosure if...
Read More
Zimbra Releases Updates for SQL Injection, XSS, and SSRF Vulns

CVE-2025-23369
SAML Bypass Auth on GitHub Enterprise Servers to Login

By infosecbulletin / Monday , February 10 2025
A serious security vulnerability, CVE-2025-23369, has been found in GitHub Enterprise Server (GHES) that lets attackers bypass SAML authentication and...
Read More
CVE-2025-23369 SAML Bypass Auth on GitHub Enterprise Servers to Login

India to launch new domain name for banks to combat digital fraud

By infosecbulletin / Saturday , February 8 2025
India's central bank to launch a special “.bank.in” domain for banks in April 2025 to fight digital payment fraud and...
Read More
India to launch new domain name for banks to combat digital fraud

Using 2.8 millions IPs, massive brute attack ongoing

By infosecbulletin / Saturday , February 8 2025
The Shadowserver Foundation reports that a brute force attack has been active since last month, using nearly 2.8 million IP...
Read More
Using 2.8 millions IPs, massive brute attack ongoing

The company fixed the vulnerability in iOS 18.3.1 and iPadOS 18.3.1 by enhancing state management.

The zero-day vulnerability impacts the following devices:

iPhone XS and later
iPad Pro 13-inch
iPad Pro 12.9-inch (3rd generation and later)
iPad Pro 11-inch (1st generation and later)
iPad Air (3rd generation and later)
iPad (7th generation and later)
iPad mini (5th generation and later)

USB Restricted Mode helps keep your data safe by blocking USB access if your device has been locked for over an hour.

This feature blocks unauthorized access to locked iOS devices to prevent law enforcement from using forensic software. However, a recent vulnerability lets attackers bypass this protection.

Bill Marczak from Citizen Lab, a cybersecurity research group at the University of Toronto, discovered the vulnerability. Citizen Lab is known for identifying advanced cyberattacks.

Apple urges the users to install security updates iOS 18.3.1 and iPadOS 18.3.1 right away to fix the CVE-2025-24200 vulnerability and enhance security.

SAML Bypass Auth on GitHub Enterprise Servers to Login

Check Also

Zimbra

Zimbra Releases Updates for SQL Injection, XSS, and SSRF Vulns

Zimbra has released updates for its Collaboration software to fix critical security flaws that could …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin