CyberSecurity news

FlagThis

@www.bleepingcomputer.com //

Apple Patches Two Zero-Days Exploited in Attacks

Original img attribution: https://www.bleepstatic.com/content/hl-images/2023/12/01/back.jpg
ImgSrc: www.bleepstatic

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • techcrunch.com: Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS
  • PCMag UK security: Apple Patches iPhone Bug Involving Malicious Media Files
  • www.bleepingcomputer.com: BleepingComputer: Apple fixes two zero-days exploited in targeted iPhone attacks
  • securityonline.info: Security Online: Urgent Apple Security Patch: Zero-Day Exploits Target iPhones
  • securityonline.info: Urgent Apple Security Patch: Zero-Day Exploits Target iPhones
  • Zack Whittaker: Apple says it's fixed two zero-day security bugs that may've been used in an "extremely sophisticated attack against specific targeted individuals on iOS.†Google's Threat Analysis Group, which investigates government-backed attacks, was credited with discovering one of the bugs, suggesting a potential nation state link.
  • techcrunch.com: Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS
  • The Hacker News: The Hacker News reports Apple patches two actively exploited iOS flaws used in sophisticated targeted attacks.
  • securityaffairs.com: Apple released emergency updates for actively exploited flaws
  • www.zdnet.com: Update your iPhone now to patch a CarPlay glitch and two serious security flaws
  • gbhackers.com: GBHackers article on the Apple 0-day Vulnerabilities.
  • BleepingComputer: Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an extremely sophisticated attack against specific targets' iPhones.
  • Cyber Security News: CybersecurityNews: 2 Apple Iphone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks
  • cyberinsider.com: Apple has released emergency security updates for iOS, iPadOS, and macOS to patch two zero-day vulnerabilities that are reportedly being actively exploited in sophisticated, targeted attacks. The two newly disclosed flaws are tracked as CVE-2025-31200 and CVE-2025-31201. Both were addressed on April 16, 2025, with the release of iOS 18.4.1, iPadOS 18.4.1, and macOS Sequoia
  • www.csoonline.com: Hackers target Apple users in an ‘extremely sophisticated attack’
  • Help Net Security: Apple Plugs Zero-Day Holes Used in Targeted iPhone Attacks (CVE-2025-31200, CVE-2025-31201)
  • Malwarebytes: Apple patches security vulnerabilities in iOS and iPadOS. Update now!
  • www.scworld.com: Updates have been issued by Apple to address a pair of zero-day vulnerabilities affecting iOS, macOS, iPadOS, tvOS, and visionOS, which was leveraged in a highly advanced and targeted iPhone attack, according to BleepingComputer.
  • bsky.app: 📣 EMERGENCY UPDATES 📣 Apple pushed updates for 2 new zero-days that may have been actively exploited. 🛠CVE-2025-31200 (CoreAudio), 🛠CVE-2025-31201 (RPAC): - iOS iOS 18.4.1 and iPadOS 18.4.1 - macOS Sequoia 15.4.1 - tvOS 18.4.1 - visionOS 2.4.1 #apple #infosec
  • Security | TechRepublic: Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks
  • Rescana: Analysis of Apple Core Media and CoreAudio Zero-Day Vulnerabilities Impacting iOS and macOS Systems
  • securityaffairs.com: Apple released emergency updates to fix iOS, iPadOS & macOS vulnerabilities actively exploited in sophisticated attacks.
  • Cyber Security News: CybersecurityNews reports on CISA warning of multiple Apple 0-day vulnerabilities actively exploited in attacks.
  • www.helpnetsecurity.com: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201)
  • Help Net Security: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201)
  • Risky.Biz: CISA extends MITRE’s CVE contract; Chris Krebs resigns from SentinelOne following White House attack; Apple patches two iOS zero-days.
  • Risky Business Media: Chris Krebs resigns from SentinelOne and vows to fight, the Thai army and police doxed pro-democracy dissidents, CISA extends MITRE’s CVE contract, and Apple patches two iOS zero-days.
  • www.redhotcyber.com: Information on Apple releasing security updates for multiple products.
Classification: