Apple and Google Threat Analysis Group discovered two security vulnerabilities impacting iOS devices. Tracked as CVE-2025-31200 and CVE-2025-31201, the vulnerabilities could allow an attacker to execute code. The Apple security advisory states that they are aware of a report that the vulnerabilities may have been exploited in an extremely sophisticated attack against specific targeted individuals on … Continue reading “Apple Releases Fixes for iOS Zero-day Vulnerabilities (CVE-2025-31200 & CVE-2025-31201)”
Tag: Apple
Apple Backports Fixes for Three Zero-day Vulnerabilities (CVE-2025-24200, CVE-2025-24201, & CVE-2025-24085)
Apple released backported fixes to address three zero-day vulnerabilities exploited in targeted attacks against older iOS, iPadOS, and macOS versions. Tracked as CVE-2025-24200, CVE-2025-24201, & CVE-2025-24085, the vulnerabilities were initially patched in March. Apple mentioned in the advisory that they are aware of a report that the vulnerabilities may have been actively exploited against versions … Continue reading “Apple Backports Fixes for Three Zero-day Vulnerabilities (CVE-2025-24200, CVE-2025-24201, & CVE-2025-24085)”
Apple Addressed WebKit Zero-day Vulnerability Impacting iOS Devices (CVE-2025-24201)
Apple released fixes for an actively exploited vulnerability in attacks against iOS devices. Tracked as CVE-2025-24201, the vulnerability also affects macOS Sequoia and Safari web browser. The out-of-bounds write flaw exists in the WebKit browser engine. An attacker may exploit the vulnerability by maliciously crafted web content to break out of the Web Content sandbox. … Continue reading “Apple Addressed WebKit Zero-day Vulnerability Impacting iOS Devices (CVE-2025-24201)”
CISA Added Apple iOS Zero-day Vulnerability to its Known Exploited Vulnerabilities Catalog (CVE-2025-24200)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently acknowledged the active exploitation of a vulnerability impacting Apple iOS and iPadOS devices. Tracked as CVE-2025-24200, the vulnerability may allow attackers to execute code on target systems. CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to patch the flaw before March … Continue reading “CISA Added Apple iOS Zero-day Vulnerability to its Known Exploited Vulnerabilities Catalog (CVE-2025-24200)”
Apple Fixes Actively Exploited Zero-day Vulnerability (CVE-2025-24085)
Apple released a security update to address a zero-day vulnerability, tracked as CVE-2024-24085. The security updates addressed 33 vulnerabilities impacting multiple products such as macOS Sonoma, macOS Ventura, macOS Sequoia, Safari, iOS, and iPadOS. CVE-2025-24085 The use after free vulnerability exists in the CoreMedia component of macOS Sequoia, iOS, and iPadOS. Successful exploitation of the vulnerability … Continue reading “Apple Fixes Actively Exploited Zero-day Vulnerability (CVE-2025-24085)”
Apple Releases Fixes for Actively Exploited Zero-day Vulnerabilities (CVE-2024-44308 & CVE-2024-44309)
Apple Safari, macOS Sequoia, iOS, and iPadOS are vulnerable to two security flaws being exploited in the wild. In the advisory, Apple mentioned that they are aware of a report that the vulnerabilities have been actively exploited on Intel-based Mac systems. Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group discovered both CVE-2024-44308 and … Continue reading “Apple Releases Fixes for Actively Exploited Zero-day Vulnerabilities (CVE-2024-44308 & CVE-2024-44309)”
Attackers Exploited Vulnerabilities in Attacks Against iOS and macOS (CVE-2024-23225 & CVE-2024-23296)
Apple has released patches to address multiple vulnerabilities impacting popular products, including iOS and iPadOS. Two of the vulnerabilities, CVE-2024-23225 and CVE-2024-23296, were reportedly exploited in attacks against iOS and macOS. Apple mentioned in the advisory that it is aware of the exploitation of the vulnerabilities.
Apple Releases Patch for Zero-day Vulnerabilities Used in Attack Against iOS and macOS (CVE-2024-23222, CVE-2023-42916, & CVE-2023-42917)
Threat actors are using CVE-2024-23222, CVE-2023-42916, and CVE-2023-42917 vulnerabilities in attacks against iOS and Macs. Apple has addressed the vulnerabilities in products such as Safari, iOS, iPadOS, macOS, watchOS, and tvOS. Along with the zero-day vulnerability, Apple has addressed multiple vulnerabilities affecting its popular products. CISA has added the CVE-2024-23222 to its Known Exploited Vulnerabilities Catalog, … Continue reading “Apple Releases Patch for Zero-day Vulnerabilities Used in Attack Against iOS and macOS (CVE-2024-23222, CVE-2023-42916, & CVE-2023-42917)”
Apple Addressed Two Zero-day Vulnerabilities Affecting iOS and iPadOS (CVE-2023-42824 & CVE-2023-5217)
Apple has released an emergency update to fix an actively exploited zero-day vulnerability. CVE-2023-42824 is a critical severity vulnerability affecting iPhones and iPads. A local attacker can exploit the vulnerability that exists in the XNU kernel to gain privileges. Apple has fixed the vulnerability with improved checks. Apple has mentioned in their advisories that they … Continue reading “Apple Addressed Two Zero-day Vulnerabilities Affecting iOS and iPadOS (CVE-2023-42824 & CVE-2023-5217)”
Apple Patched Three Zero-days Affecting iOS, iPadOS, macOS Ventura, Safari (CVE-2023-41991, CVE-2023-41992, & CVE-2023-41993)
Apple has released emergency updates to address three zero-day vulnerabilities in multiple popular products. Tracked as CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993, the vulnerabilities may allow attackers to elevate privileges, perform arbitrary code execution, and bypass signature validation. Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat … Continue reading “Apple Patched Three Zero-days Affecting iOS, iPadOS, macOS Ventura, Safari (CVE-2023-41991, CVE-2023-41992, & CVE-2023-41993)”
