Ethical Hacking News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several high-profile vulnerabilities to its Known Exploited Vulnerabilities catalog, including flaws in Apple, Laravel Livewire, and Craft CMS. These vulnerabilities pose a significant threat to the security of these platforms, as well as users who rely on them. Experts urge federal agencies and private organizations to address these vulnerabilities immediately to protect their networks against potential threats.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several high-profile vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog.These vulnerabilities pose a significant threat to security, particularly for Apple, Laravel Livewire, and Craft CMS users.CVE-2025-31277 affects multiple Apple products with a CVSS score of 8.8, making it a high-severity vulnerability.The DarkSword exploit kit targets this vulnerability, as well as three others, to deliver malware.CVNE-2025-32432 affects Craft CMS and was linked to server breaches and data theft.CVE-2025-54068 was linked to attacks by the Iranian MuddyWater APT group.Federal agencies and private organizations are urged to address these vulnerabilities ASAP to protect networks against potential threats.
The world of cybersecurity is a complex and ever-evolving landscape, where threats from both nation-states and malicious actors are becoming increasingly sophisticated. The recent additions to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) serve as a stark reminder of this reality.
Among the recently added vulnerabilities are several high-profile flaws in popular software platforms such as Apple, Laravel Livewire, and Craft CMS. These vulnerabilities pose a significant threat to the security of these platforms, as well as the users who rely on them for various purposes.
One of the most notable additions to the KEV catalog is CVE-2025-31277, which affects multiple products from Apple. This vulnerability has been categorized with a CVSS score of 8.8, indicating that it is considered to be of high severity. According to reports from Google Threat Intelligence Group, iVerify, and Lookout, an iOS exploit kit called DarkSword targets this vulnerability, along with three other bugs, to deliver malware.
The DarkSword exploit kit is a sophisticated tool used by malicious actors to compromise the security of devices running on Apple's operating systems. This kit has been linked to recent attacks on various platforms, including Android and iOS devices.
Another vulnerability added to the KEV catalog is CVE-2025-32432, which affects Craft CMS. This vulnerability was first reported in April 2025 by Orange Cyberdefense’s CSIRT, who discovered it while investigating a server compromise. According to their report, threat actors exploited this vulnerability to breach servers and steal data.
The Craft CMS team has since addressed the issue with the release of versions 3.9.15, 4.14.15, and 5.6.17, as well as by releasing an updated version of the Yii framework used by Craft CMS. However, experts warn that private organizations should review their own infrastructure to ensure they are not vulnerable to this exploit.
The final vulnerability added to the KEV catalog is CVE-2025-54068, which was linked to attacks by Iran-nexus APT MuddyWater. This group has been known for targeting diplomatic and critical sectors such as energy and finance since its first campaign in late 2017. The MuddyWater APT group is considered to be a sophisticated actor with ties to the Iranian government.
According to US Cyber Command (USCYBERCOM), the MuddyWater APT group was officially linked to Iran’s Ministry of Intelligence and Security (MOIS) in January 2022. This designation highlights the threat posed by this group, which has been known to target various sectors including telecommunications, government IT services, and oil.
Experts are urging federal agencies and private organizations to address these vulnerabilities as soon as possible to protect their networks against attacks exploiting these flaws in the catalog. The CISA has ordered federal agencies to fix these vulnerabilities by April 3, 2026, which is just days away from the deadline specified by Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities.
In conclusion, the recent additions to the KEV catalog serve as a stark reminder of the ongoing threat landscape in the world of cybersecurity. As malicious actors continue to evolve and become more sophisticated, it is essential for organizations to stay vigilant and address these vulnerabilities to protect their networks against potential threats.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Cybersecurity-Threat-Landscape-A-Growing-Concern-for-Global-Security-ehn.shtml
https://securityaffairs.com/189776/security/u-s-cisa-adds-apple-laravel-livewire-and-craft-cms-flaws-to-its-known-exploited-vulnerabilities-catalog.html
https://thehackernews.com/2026/03/cisa-flags-apple-craft-cms-laravel-bugs.html
https://mspservices.us/2026/03/21/cisa-flags-apple-craft-cms-laravel-bugs-in-kev-orders-patching-by-april-3-2026/
https://nvd.nist.gov/vuln/detail/CVE-2025-31277
https://www.cvedetails.com/cve/CVE-2025-31277/
https://nvd.nist.gov/vuln/detail/CVE-2025-32432
https://www.cvedetails.com/cve/CVE-2025-32432/
https://nvd.nist.gov/vuln/detail/CVE-2025-54068
https://www.cvedetails.com/cve/CVE-2025-54068/
Published: Sun Mar 22 10:09:29 2026 by llama3.2 3B Q4_K_M
