168/69 Tuesday, March 24, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation. These vulnerabilities carry CVSS scores ranging from 7.8 to 10.0 and include issues such as buffer overflow, improper locking, and code injection, all of which could be leveraged to compromise systems. CISA has directed U.S. federal agencies to remediate these vulnerabilities by April 3, 2026, to reduce the risk of cyberattacks.
Details show that three Apple vulnerabilities (CVE-2025-31277, CVE-2025-43510, and CVE-2025-43520) are being exploited through an iOS exploit kit known as “DarkSword” to deliver malware. Meanwhile, the Craft CMS vulnerability CVE-2025-32432 (CVSS 10.0) has been observed in attacks where it is chained with other flaws to compromise servers and exfiltrate data, including through the upload of malicious PHP management files. This issue has been patched in versions 3.9.15, 4.14.15, and 5.6.17, along with related updates in the Yii framework since April 2025.
Additionally, the vulnerability CVE-2025-54068 in Laravel Livewire has been linked to attacks attributed to the MuddyWater APT group, which has a history of targeting diplomatic entities and critical sectors such as telecommunications, energy, and finance across regions including Europe and North America. Security experts strongly recommend that organizations urgently assess their infrastructure and apply patches in accordance with CISA guidance to mitigate potential risks.
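To support the assessment step for Craft CMS, the following added example (not part of the original bulletin or of any vendor tooling) reads a project's `composer.lock` and compares the pinned `craftcms/cms` version with the fixed releases listed above. The function names and status labels are hypothetical, and the sample lock file is constructed.

```python
import json
import re

# Fixed releases per major branch, as stated in the bulletin.
FIXED = {3: (3, 9, 15), 4: (4, 14, 15), 5: (5, 6, 17)}
PACKAGE = "craftcms/cms"  # Composer package name for Craft CMS


def parse_version(text):
    """Return (major, minor, patch) for 'v4.14.2' or '5.6.17-beta.1', else None."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def craft_status(lock_text):
    """Classify the Craft CMS version pinned in a composer.lock document."""
    lock = json.loads(lock_text)
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        if pkg.get("name") != PACKAGE:
            continue
        raw = pkg.get("version", "")
        version = parse_version(raw)
        if version is None:
            return raw, "manual-check"      # e.g. a dev branch alias
        fixed = FIXED.get(version[0])
        if fixed is None:
            return raw, "unknown-branch"    # bulletin lists no fix for this major
        # A pre-release tag of the fixed version sorts before the release itself.
        if version < fixed or (version == fixed and "-" in raw):
            return raw, "needs-update"
        return raw, "at-or-above-fix"
    return None, "not-installed"


# Constructed sample input, not taken from a real deployment.
SAMPLE_LOCK = json.dumps({"packages": [
    {"name": "yiisoft/yii2", "version": "2.0.51"},
    {"name": "craftcms/cms", "version": "4.14.2"},
]})

if __name__ == "__main__":
    print(craft_status(SAMPLE_LOCK))
```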
