InfoSecBulletin Cybersecurity for mankind
PortSwigger has launched Burp Suite 2025.1, adding new features and improvements to enhance usability and efficiency for penetration testers. This update features major improvements to the Burp Intruder module, HTTP response analysis, and interaction management, as well as a browser upgrade and bug fixes.
Auto-Pause Intruder Attacks:
AMD discloses 4 new CPU flaws Affecting Many CPUs
GitLab patched XSS and Authorization Bypass Flaws
CVE-2025-7206
Critical D-Link DIR-825 Router Flaw Remote Crash Via Buffer Overflow
Urgently patch now: Zoom Patches 6 Flaws
Whatsapp rival ‘Bitchat’, message without internet
Splunk Addresses Third-Party Package Vulns in SOAR Versions
Texas-based Tax Credit Consultancy agency exposed PII, ID Numbers, & SSNs
CVE-2025-25257
Fortinet Addresses Major SQL Injection Flaw in FortiWeb
Microsoft July 2025 Patch Tuesday: One zero-day, 137 flaws
Android malware Anatsa infiltrates Google Play targeting banks worldwide
A key feature of this release is the new Auto-Pause Attack in Burp Intruder. It enables users to automatically pause attacks when certain conditions in HTTP responses are met.
Users can set the tool to pause an attack when a certain expression is detected or absent in the response. This feature improves memory efficiency during large attacks and allows testers to concentrate on relevant results automatically.
Content-Length Mismatch Highlighting:
Burp Suite now automatically highlights differences in the Content-Length response header to improve vulnerability detection.
If the length stated in the header doesn’t match the actual response size, it will be flagged. This improvement helps detect problems such as HTTP request smuggling and other server response issues.
CSV Export for Collaborator Interactions:
Burp Collaborator now allows users to export interaction data as CSV files, simplifying the process for security professionals to include detailed logs in reports or presentations.
Users can now mark interactions as “read,” making it easier to distinguish between reviewed and new activities.
Bug Fixes:
Several bugs have been resolved in this release to improve stability and user experience:
Fixed an issue where the Home and End keys caused incorrect cursor positioning in the message editor.
Resolved a problem with Burp Logger’s view filter not reapplying correctly after reaching capture limits.
Addressed a bug that prevented newly saved configurations from appearing in the configuration library without restarting Burp.
Corrected payload encoding issues when creating new Intruder tabs with encoding disabled.
Fixed non-functional hotkeys for adding notes in Burp Organizer and Repeater.
Resolved copy-paste issues on Linux and Windows for BCheck preview screens.
Fixed problems with extension-provided tabs disappearing when loading multiple extensions, especially those with WebSocket message editor implementations.
Burp Suite’s integrated browser is now updated to Chromium version 132.0.6834.84 for Windows and macOS, and 132.0.6834.83 for Linux. This guarantees compatibility with modern web standards and improves performance in manual testing.
Burp Suite 2025.1 greatly improves usability, efficiency, and technical strength for penetration testers and cybersecurity experts.
The new auto-pause feature and improved response analysis will simplify workflows and enhance web application testing. Users should update to the latest version for improved security assessments.
