CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

2026-03-21

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

CISA added five actively exploited vulnerabilities in Apple, Craft CMS, and Laravel Livewire to its KEV catalog, requiring federal agencies to patch by April 3, 2026.

•Three Apple vulnerabilities (CVE-2025-31277, CVE-2025-43510, CVE-2025-43520) are linked to an iOS exploit kit called DarkSword, used to deploy malware families GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER.
•CVE-2025-32432 in Craft CMS (CVSS 10.0) allows remote code execution and has been exploited as a zero-day since February 2025 by the Mimo/Hezb group to deploy crypto miners and proxyware.
•CVE-2025-54068 in Laravel Livewire (CVSS 9.8) enables unauthenticated remote command execution, exploited by Iranian state-sponsored group MuddyWater (Boggy Serpens).
•MuddyWater targets diplomatic and critical infrastructure in the Middle East using AI-enhanced malware, social engineering, and a custom web-based orchestration platform for mass spear-phishing.

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture