Wednesday, April 2, 2025

Burp Suite 2025.1 released: Featuring Intruder Capabilities & Bug Fixes

PortSwigger has launched Burp Suite 2025.1, adding new features and improvements to enhance usability and efficiency for penetration testers. This update features major improvements to the Burp Intruder module, HTTP response analysis, and interaction management, as well as a browser upgrade and bug fixes.

Auto-Pause Intruder Attacks:

A key feature of this release is the new Auto-Pause Attack in Burp Intruder. It enables users to automatically pause attacks when certain conditions in HTTP responses are met.

Users can set the tool to pause an attack when a certain expression is detected or absent in the response. This feature improves memory efficiency during large attacks and allows testers to concentrate on relevant results automatically.

Content-Length Mismatch Highlighting:

Burp Suite now automatically highlights a Content-Length response header that does not match the response, to improve vulnerability detection.

If the length stated in the header doesn’t match the actual response size, it will be flagged. This improvement helps detect problems such as HTTP request smuggling and other server response issues.
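The comparison behind this kind of flag can be reproduced outside Burp when reviewing captured responses. The following is an added example, not Burp Suite's code; the function name `check_content_length` and the sample responses are constructed for illustration:

```python
# Added illustration, not Burp Suite code. Names and samples are constructed.

def check_content_length(raw: bytes) -> str:
    """Classify a raw HTTP/1.1 response by comparing Content-Length to the body size."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return "malformed: no header/body separator"
    declared = []
    chunked = False
    for line in head.split(b"\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(b":")
        name, value = name.strip().lower(), value.strip()
        if name == b"content-length":
            declared.append(value)
        elif name == b"transfer-encoding" and b"chunked" in value.lower():
            chunked = True
    # Both framing headers together is the classic ambiguity behind smuggling bugs.
    if chunked and declared:
        return "ambiguous: both Transfer-Encoding: chunked and Content-Length"
    if chunked:
        return "skipped: chunked body, Content-Length not applicable"
    if not declared:
        return "skipped: no Content-Length header"
    if len(set(declared)) > 1:
        return "ambiguous: conflicting Content-Length headers"
    if not declared[0].isdigit():
        return "malformed: non-numeric Content-Length"
    want, got = int(declared[0]), len(body)
    if want == got:
        return "ok"
    return f"mismatch: header says {want}, body is {got} bytes"


# Constructed sample responses (not captured traffic).
SAMPLES = {
    "matching": b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello",
    "short_body": b"HTTP/1.1 200 OK\r\nContent-Length: 10\r\n\r\nhello",
    "extra_bytes": b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhelloEXTRA",
    "conflicting": b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\nContent-Length: 6\r\n\r\nhello",
    "cl_and_te": b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n"
                 b"Transfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n0\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:12} {check_content_length(raw)}")
```

Responses to HEAD requests and 304 responses can legitimately carry a Content-Length with no body, so a check like this needs the request context before a mismatch is treated as a finding. Content-Length counts bytes on the wire, so compare against the body before any decompression.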

CSV Export for Collaborator Interactions:

Burp Collaborator now allows users to export interaction data as CSV files, simplifying the process for security professionals to include detailed logs in reports or presentations.
Users can now mark interactions as “read,” making it easier to distinguish between reviewed and new activities.

Bug Fixes:

Several bugs have been resolved in this release to improve stability and user experience:

Fixed an issue where the Home and End keys caused incorrect cursor positioning in the message editor.
Resolved a problem with Burp Logger’s view filter not reapplying correctly after reaching capture limits.
Addressed a bug that prevented newly saved configurations from appearing in the configuration library without restarting Burp.
Corrected payload encoding issues when creating new Intruder tabs with encoding disabled.
Fixed non-functional hotkeys for adding notes in Burp Organizer and Repeater.
Resolved copy-paste issues on Linux and Windows for BCheck preview screens.
Fixed problems with extension-provided tabs disappearing when loading multiple extensions, especially those with WebSocket message editor implementations.

Burp Suite’s integrated browser is now updated to Chromium version 132.0.6834.84 for Windows and macOS, and 132.0.6834.83 for Linux. This guarantees compatibility with modern web standards and improves performance in manual testing.

Burp Suite 2025.1 greatly improves usability, efficiency, and technical strength for penetration testers and cybersecurity experts.

The new auto-pause feature and improved response analysis will simplify workflows and enhance web application testing. Users should update to the latest version for improved security assessments.
