July 2, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
GhostSpy Android Malware Enables Full Device Takeovers – Active IOCs
May 27, 2025
Multiple WordPress Plugins Vulnerabilities
May 27, 2025
GhostSpy Android Malware Enables Full Device Takeovers – Active IOCs
May 27, 2025
Multiple WordPress Plugins Vulnerabilities
May 27, 2025
Severity
Medium
Analysis Summary
CVE-2025-24144 CVSS:5.5
Apple macOS Ventura could allow a local attacker to leak sensitive kernel state, caused by an information disclosure issue in the Kernel component when using a specially crafted application.
CVE-2025-31235 CVSS:5.5
Apple macOS Ventura is vulnerable to a denial of service, caused by a double-free issue in the Audio component when using a specially crafted application.
CVE-2025-24220 CVSS:5.5
Apple iPadOS could allow a local attacker to read a persistent device identifier, caused by a permission issue in the Sandbox Profiles component when using a specially crafted application.
Impact
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-24144
CVE-2025-31235
CVE-2025-24220
Affected Vendors
- Apple
Affected Products
- Apple iOS - 18.3
- Apple iPadOS - 18.3
- Apple macOS Ventura - 13.7.5
- Apple iPadOS - 17.7.6
Remediation
Refer to the Apple security document for patch, upgrade, or suggested workaround information.