CISA Urges Patching of Apple and CMS Vulnerabilities

CISA Urges Patching of Apple and CMS Vulnerabilities

Posted on By CWS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently highlighted five critical security vulnerabilities impacting Apple, Craft CMS, and Laravel Livewire. Federal agencies are strongly advised to address these issues by April 3, 2026, to prevent potential exploitation.

Highlighted Security Flaws

Among the vulnerabilities, three affect Apple technologies. Specifically, CVE-2025-31277, a memory corruption issue in Apple WebKit, poses significant threats. Additionally, CVE-2025-43510 and CVE-2025-43520 involve Apple’s kernel component, where malicious applications could disrupt memory processes or cause system instability.

Craft CMS and Laravel Livewire are also under scrutiny. CVE-2025-32432 presents a code injection risk in Craft CMS that could enable remote code execution. Similarly, CVE-2025-54068 in Laravel Livewire could allow unauthorized remote command execution, heightening the need for immediate action.

Exploits and Threat Actors

The vulnerabilities have been exploited in various cyberattacks. Reports from the Google Threat Intelligence Group and other entities emphasize the use of these flaws in deploying malware like GHOSTBLADE and GHOSTKNIFE, particularly through an iOS exploit kit known as DarkSword.

Craft CMS’s CVE-2025-32432 has been used in zero-day exploits by unidentified actors since early 2025, with malicious groups such as Mimo leveraging it for cryptocurrency mining and proxyware installations. Meanwhile, the Iranian group MuddyWater, also called Boggy Serpens, has exploited CVE-2025-54068 in high-profile attacks.

Impact and Future Outlook

MuddyWater is notorious for targeting diplomatic and critical infrastructure sectors. Their operations involve advanced malware implants enhanced with AI for sustained persistence and evasion. These attacks often use hijacked accounts to bypass security measures, posing severe risks to targeted entities.

Recent campaigns, particularly in the Middle East, have demonstrated MuddyWater’s evolving capabilities. Their arsenal includes tools like GhostBackDoor and LampoRAT, showcasing their sophisticated approach to cyber espionage and disruptive activities.

As cyber threats grow more complex, organizations must prioritize timely patching of known vulnerabilities. Ensuring robust cybersecurity measures and staying informed about emerging threats remain critical to safeguarding digital infrastructure.

The Hacker News Tags:, , , , , , , , ,

Related Posts

A Technical Gap Analysis of Last-Mile Protection A Technical Gap Analysis of Last-Mile Protection The Hacker News
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 The Hacker News
Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content The Hacker News
The Crucial Role of Initial Decisions in Incident Response The Crucial Role of Initial Decisions in Incident Response The Hacker News
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257) Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257) The Hacker News
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers The Hacker News