InfoSecBulletin Cybersecurity for mankind
U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five security problems affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) list on Friday. They are telling federal agencies to fix these issues by April 3, 2026.
The vulnerabilities that have come under exploitation are listed below:Â
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CVE-2025-31277 (CVSS score: 8.8) – A vulnerability in Apple WebKit that could result in memory corruption when processing maliciously crafted web content. (Fixed in July 2025)
CVE-2025-43510 (CVSS score: 7.8) – A memory corruption vulnerability in Apple’s kernel component that could allow a malicious application to cause unexpected changes in memory shared between processes. (Fixed in December 2025)
CVE-2025-43520 (CVSS score: 8.8) – A memory corruption vulnerability in Apple’s kernel component that could allow a malicious application to cause unexpected system termination or write kernel memory. (Fixed in December 2025)
CVE-2025-32432 (CVSS score: 10.0) – A code injection vulnerability in Craft CMS that could allow a remote attacker to execute arbitrary code. (Fixed in April 2025)
CVE-2025-54068 (CVSS score: 9.8) – A code injection vulnerability in Laravel Livewire that could allow unauthenticated attackers to achieve remote command execution in specific scenarios. (Fixed in July 2025)
The three Apple vulnerabilities were added to the KEV catalog after reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout about an iOS exploit kit called DarkSword. This kit uses these weaknesses and three other bugs to spread malware like GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER that steals data.
CVE-2025-32432 is believed to have been used as a zero-day by unknown hackers since February 2025, according to Orange Cyberdefense SensePost. Since then, a group called Mimo (also known as Hezb) has been seen taking advantage of the weakness to install a cryptocurrency miner and proxy software for homes.
CVE-2025-54068 is the last item on the list. The Ctrl-Alt-Intel Threat Research team recently warned about its use in attacks by the Iranian hacking group, MuddyWater (also known as Boggy Serpens).
