{"vulnerability": "CVE-2025-4352", "sightings": [{"uuid": "6babd061-d08e-4a43-90ad-5ca44bc47fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/applsec/statuses/115708138694582722", "content": "", "creation_timestamp": "2025-12-12T19:01:21.826704Z"}, {"uuid": "0dbc2f0a-b01e-4d89-a755-a136d72dc417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loj3eo6csx2h", "content": "", "creation_timestamp": "2025-05-06T14:21:36.904612Z"}, {"uuid": "1982e495-d8d2-452c-983a-c030e4ab9a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3meuci6pufs2w", "content": "", "creation_timestamp": "2026-02-15T00:42:21.316259Z"}, {"uuid": "d3da13ed-bbc5-416b-b22f-ba8db5c6ecda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/applsec.bsky.social/post/3m7srlmndl22z", "content": "", "creation_timestamp": "2025-12-12T19:01:24.432086Z"}, {"uuid": "4f175b1c-f3e5-4975-8c1d-599133cd4c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/applsec/statuses/115708312902658376", "content": "", "creation_timestamp": "2025-12-12T19:45:40.060472Z"}, {"uuid": "9153994f-8eac-45ac-883e-94f86c824759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/applsec.bsky.social/post/3m7su2tpgsd2z", "content": "", "creation_timestamp": "2025-12-12T19:45:41.255424Z"}, {"uuid": "72ec0adb-9e9d-4c88-9e7f-d525df672688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115708352000214919", "content": "", "creation_timestamp": "2025-12-12T19:55:36.684654Z"}, {"uuid": "66341d19-3e76-4cc6-83e5-0de7141fe192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43523", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7t7mcvrjb2q", "content": "", "creation_timestamp": "2025-12-12T23:12:18.735924Z"}, {"uuid": "1ded64b8-3b91-4b65-ad73-a89723a03f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43521", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7t7pi7hpl2c", "content": "", "creation_timestamp": "2025-12-12T23:14:06.012649Z"}, {"uuid": "50c640bc-c199-464a-a378-f97b9728aa05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7t7su7ucw2e", "content": "", "creation_timestamp": "2025-12-12T23:15:58.435216Z"}, {"uuid": "42cc6391-fac2-419f-afcf-8f8934158010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43522", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7t7wgy7y32u", "content": "", "creation_timestamp": "2025-12-12T23:17:58.444012Z"}, {"uuid": "178bd536-d5fd-4407-af72-279c71de540e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43527", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7ta2ceu7f2y", "content": "", "creation_timestamp": "2025-12-12T23:20:08.304719Z"}, {"uuid": "35f03dfb-54ed-45cd-9ae7-6ba9c40feda1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3m7txe34aau2i", "content": "", "creation_timestamp": "2025-12-13T06:17:12.439271Z"}, {"uuid": "d47b8ed0-241e-4036-a967-d6503281c934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://thehackernews.com/2025/12/apple-issues-security-updates-after-two.html", "content": "", "creation_timestamp": "2025-12-13T04:32:00.000000Z"}, {"uuid": "ce3b1672-baf6-4c69-9bb5-19bd67ba6b3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-24ffa59d-f6bd1f54954653f0", "content": "", "creation_timestamp": "2025-12-13T09:42:13.236893Z"}, {"uuid": "e497048a-5f5f-4f28-9689-b408e9550f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3m7ud364ypz2j", "content": "", "creation_timestamp": "2025-12-13T09:46:59.492279Z"}, {"uuid": "e4f03758-d0a8-4799-9bf3-c6133e8f6232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mbmux6eusk2o", "content": "", "creation_timestamp": "2026-01-04T21:36:00.691370Z"}, {"uuid": "ff9ff84f-d89b-4d24-a35c-704b752b2e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://www.acn.gov.it/portale/w/apple-rilevato-sfruttamento-attivo-di-vulnerabilita-in-webkit", "content": "", "creation_timestamp": "2025-12-13T08:35:05.000000Z"}, {"uuid": "b84eaa9b-c90a-4b73-a7f5-88ceac32d7c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/115712117671837539", "content": "", "creation_timestamp": "2025-12-13T11:53:16.010400Z"}, {"uuid": "62391056-2540-4c78-85fa-c17da16d0b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mahgpsltkc2b", "content": "", "creation_timestamp": "2025-12-21T00:12:49.134190Z"}, {"uuid": "62bc2ea9-2601-4181-803f-b155f391622b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115722631853026818", "content": "", "creation_timestamp": "2025-12-15T08:27:09.602057Z"}, {"uuid": "194b8f12-910a-4ab3-a27d-b22ae6713b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115723686400449270", "content": "", "creation_timestamp": "2025-12-15T12:55:20.682057Z"}, {"uuid": "9c205068-4b36-421e-905a-9a531dae47aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://threatintel.cc/2025/12/15/apple-fixes-two-zeroday-flaws.html", "content": "", "creation_timestamp": "2025-12-15T11:55:38.000000Z"}, {"uuid": "66231c23-36ca-47e9-9b77-3d557c728164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/apple-security-advisory-av25-837", "content": "", "creation_timestamp": "2025-12-15T18:28:09.000000Z"}, {"uuid": "5add60c6-039a-4300-9723-e239721ca15d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115725796616529052", "content": "", "creation_timestamp": "2025-12-15T21:52:00.309763Z"}, {"uuid": "ec93e369-55e5-4a59-8b07-40454fe35d0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "e92402ac-b04a-4e73-ad0b-3c8344ca18bd", "vulnerability": "CVE-2025-43529", "type": "exploited", "source": "https://support.apple.com/en-us/125884", "content": "", "creation_timestamp": "2025-12-15T22:17:24.844963Z"}, {"uuid": "df26da99-c004-45d7-9145-52db27b19c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ma6wv3h3cq2z", "content": "", "creation_timestamp": "2025-12-17T15:08:06.989995Z"}, {"uuid": "35c3be4f-891c-4bea-9d7c-0c491d3545b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ma7lkblyt62g", "content": "", "creation_timestamp": "2025-12-17T21:17:52.318367Z"}, {"uuid": "0ad66ab7-e1fa-4033-960e-f78c390cd72d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ma7mumyo5l2u", "content": "", "creation_timestamp": "2025-12-17T21:41:33.483099Z"}, {"uuid": "42772147-f6be-4b0e-aa89-7e68bfacbc2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3madrqh2k5c2m", "content": "", "creation_timestamp": "2025-12-19T13:19:22.949725Z"}, {"uuid": "1b9b5ae8-cf86-4c32-8feb-76ae483f1e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/5922969", "content": "", "creation_timestamp": "2026-03-04T01:42:37.143727Z"}, {"uuid": "07918885-dea6-4c65-8ca1-d091351b7dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mbmv4tp2q22o", "content": "", "creation_timestamp": "2026-01-04T21:39:10.074658Z"}, {"uuid": "6595c4ef-edcb-4bed-95fe-66c539554806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mbmvkevt4s2o", "content": "", "creation_timestamp": "2026-01-04T21:46:44.903459Z"}, {"uuid": "11df77e9-534a-402f-86ee-b4baa097fabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mbnfbbzw2a23", "content": "", "creation_timestamp": "2026-01-05T02:27:56.296264Z"}, {"uuid": "06f4892c-590d-41b3-a885-bc3965299c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1706", "content": "", "creation_timestamp": "2025-12-15T04:00:00.000000Z"}, {"uuid": "45de5bb9-d5fe-441b-9b0f-2ebe1dff0954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mhlwkaykwh2v", "content": "", "creation_timestamp": "2026-03-21T21:03:06.238906Z"}, {"uuid": "33170999-1819-42b0-a867-e276d3724827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/applsec.bsky.social/post/3mem4n4e4aq2x", "content": "", "creation_timestamp": "2026-02-11T18:36:24.402621Z"}, {"uuid": "fb39322f-b734-4538-abcf-ac300c3c3faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/applsec/statuses/116053441380483263", "content": "", "creation_timestamp": "2026-02-11T18:36:34.694360Z"}, {"uuid": "a8898923-550b-4177-9108-cd817ea2c2cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-43529", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/33ca5769-0a07-497a-a3a3-2d09143e9fd2", "content": "", "creation_timestamp": "2026-02-02T12:25:44.506034Z"}, {"uuid": "e9dd8744-8786-4d0b-9fdd-9960b9430851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-43520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/650af838-d4bc-44ff-8222-7e59092205e5", "content": "", "creation_timestamp": "2026-03-20T16:00:10.421325Z"}, {"uuid": "88a04391-ad19-428d-9711-c560ba3af6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://bsky.app/profile/jjtech.infosec.exchange.ap.brid.gy/post/3mhspjljvqlt2", "content": "", "creation_timestamp": "2026-03-24T13:46:08.610261Z"}, {"uuid": "a8b1d388-52bc-460b-a7cb-f73015d6790b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/alpenjodel.bsky.social/post/3mcpyp3o5os2n", "content": "", "creation_timestamp": "2026-01-18T20:46:13.950103Z"}, {"uuid": "cfaf1491-6d09-4036-97f5-d19cf9248026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mhgvmdarvj2q", "content": "", "creation_timestamp": "2026-03-19T21:02:59.187721Z"}, {"uuid": "b6bc600d-d1c3-46b7-a0af-1463778109ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://bsky.app/profile/kravietz.agora.echelon.pl.ap.brid.gy/post/3mcwrfusmbpb2", "content": "", "creation_timestamp": "2026-01-21T13:31:08.101230Z"}, {"uuid": "dd1515f8-ff07-43c8-a12a-0b48cb001796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116262336964134871", "content": "", "creation_timestamp": "2026-03-20T16:01:16.467871Z"}, {"uuid": "17d8e390-eec1-472c-b335-60dd397e904d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6059879", "content": "", "creation_timestamp": "2026-03-20T16:06:58.661046Z"}, {"uuid": "dfe87924-8ef6-40d4-9625-2530f472b3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://www.cisa.gov/news-events/alerts/2026/03/20/cisa-adds-five-known-exploited-vulnerabilities-catalog", "content": "", "creation_timestamp": "2026-03-20T12:00:00.000000Z"}, {"uuid": "ced00378-caab-4811-981b-492ad9c43910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://infosec.exchange/users/Tinolle/statuses/115934594029960558", "content": "", "creation_timestamp": "2026-01-21T18:51:56.147184Z"}, {"uuid": "f4b5f510-8a75-4a79-9861-6275a13b5c1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://notnow.dev/objects/6fde97d1-0698-479a-9bf9-00138b2af6dd", "content": "", "creation_timestamp": "2026-03-19T01:31:22.464106Z"}, {"uuid": "22f41aa3-0c5a-4c93-8e44-893f6c7afec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-darksword-ios-flaws-exploited-attacks/", "content": "", "creation_timestamp": "2026-03-24T03:00:02.000000Z"}, {"uuid": "74939fe7-9c6f-45e8-9d8f-f41a15732be7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1762", "content": "", "creation_timestamp": "2026-02-12T04:00:00.000000Z"}, {"uuid": "99eabbe7-9e08-40bf-95ec-d6d6ec2a5202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c5b7cfe4-31dc-48ad-9aad-8e8bd3c6bf83", "content": "", "creation_timestamp": "2025-12-16T06:48:31.589489Z"}, {"uuid": "b9b2505b-3f6d-448c-bf38-1590b121e1eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://notnow.dev/objects/18f251a1-97f6-48d9-8ffb-6461cec6c2d3", "content": "", "creation_timestamp": "2026-03-19T02:42:54.088937Z"}, {"uuid": "b42fad26-c6e7-4759-b694-8c2062900f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-darksword-ios-flaws-exploited-attacks/", "content": "", "creation_timestamp": "2026-03-24T03:00:02.000000Z"}, {"uuid": "977b6dbe-c386-4f10-8f90-5006b08e56ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "seen", "source": "Telegram/jE2wfhv1mMqWZIObHPZtKWiyEtFPlgN-4OaR3gg0wlKO0NQ", "content": "", "creation_timestamp": "2026-04-02T22:21:44.000000Z"}, {"uuid": "b08585b6-4b27-4042-84ab-086af72f5bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://gist.github.com/pliku/689f5640442d9187a0e7f743078ac9fc", "content": "", "creation_timestamp": "2026-04-03T10:53:16.000000Z"}, {"uuid": "2bad2086-9096-4d48-948b-a4ef6d8f1aef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "published-proof-of-concept", "source": "Telegram/BMdEgRboE--aFURE6a4AjLZvxCn4XDWP4SjG5kTXuVlP1fg", "content": "", "creation_timestamp": "2026-01-06T15:00:07.000000Z"}, {"uuid": "1bac6637-3593-4bc6-bbe3-e4b1273aac8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "exploited", "source": "Telegram/wxHNUGu4QWa8461pG-1Om629_xWDeFhqC7Pe3gbKodY6dQ", "content": "", "creation_timestamp": "2025-12-13T08:42:31.000000Z"}, {"uuid": "a8bd24c3-59a6-4886-9638-ea75f1554e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43527", "type": "seen", "source": "Telegram/66rNhckXw4zokWNIHPPThoaB__3WddU1uelwxQvM_wROfLk", "content": "", "creation_timestamp": "2026-04-02T22:21:28.000000Z"}, {"uuid": "2fe382bc-596f-4d50-bf8c-9a5322920c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mhw2ejbcj22z", "content": "", "creation_timestamp": "2026-03-25T21:38:02.226671Z"}, {"uuid": "3657e154-cffc-4e71-aee7-32a036c9ad68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43520", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/apple-security-advisory-av25-722", "content": "", "creation_timestamp": "2026-03-20T18:07:07.000000Z"}, {"uuid": "cb6ff44c-02e4-4498-87ce-52b48a45e13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43526", "type": "seen", "source": "Telegram/jE2wfhv1mMqWZIObHPZtKWiyEtFPlgN-4OaR3gg0wlKO0NQ", "content": "", "creation_timestamp": "2026-04-02T22:21:44.000000Z"}, {"uuid": "d65097e9-f415-474e-b3ad-243f9393ba9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43524", "type": "seen", "source": "https://www.thezdi.com/blog/2026/5/12/the-apple-macos-security-update-review", "content": "We\u2019ve received some feedback from those who read the Patch Blog that they would like something similar for macOS updates. Unfortunately, Apple doesn\u2019t schedule these for a particular day, but we can provide our thoughts and analysis on the days they do release their latest patches. \nFor May 2026, Apple released 82 unique CVEs across the three macOS versions: 79 for macOS Tahoe 26.5, 45 for macOS Sequoia 15.7.7, and 42 for macOS Sonoma 14.8.7. Since Apple doesn\u2019t provide CVSS scores or other severity information, we\u2019re left to speculate on which of these bugs is the most severe. However, there are a couple that stand out.\n-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CVE-2026-28819 (Wi-Fi) stands out as the strongest candidate for the most severe as it states, \u201cAn app may be able to execute arbitrary code with kernel privileges.\u201d The combination of arbitrary code execution at the kernel level is about as bad as it gets on a severity scale. Plus, it affects all three macOS versions (Tahoe, Sequoia, and Sonoma).\n-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CVE-2026-43668 (mDNSResponder) also piques my interest since, \u201cA remote attacker may be able to cause unexpected system termination or corrupt kernel memory.\u201d The remote attack vector with kernel memory corruption on all three OS versions makes this a serious one, especially since mDNSResponder is always running.\n-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CVE-2026-28972 (Kernel) This one states that \u201cAn app may be able to cause unexpected system termination or write kernel memory.\u201d An out-of-bounds write directly into kernel memory on all three OS versions. This one may also have implications in the upcoming Pwn2Own Berlin contest.\nHere\u2019s a look at all the bugs released by Apple this month:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n  82Unique CVEs\n  79macOS Tahoe 26.5\n  45macOS Sequoia 15.7.7\n  42macOS Sonoma 14.8.7\n\n\n\n\n&lt;colgroup&gt;\n  &lt;col /&gt;\n  &lt;col /&gt;\n  &lt;col /&gt;\n  &lt;col /&gt;\n  &lt;col /&gt;\n  &lt;col /&gt;\n&lt;/colgroup&gt;\n\n\n  \n    CVE ID\n    Component\n    Impact\n    macOS Tahoe 26.5\n    macOS Sequoia 15.7.7\n    macOS Sonoma 14.8.7\n  \n\n\n  \n    CVE-2026-28991\n    Accelerate\n    An app may be able to cause a denial-of-service\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28988\n    Accounts\n    An app may be able to bypass certain Privacy preferences\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28959\n    APFS\n    An app may be able to cause unexpected system termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28995\n    App Intents\n    A malicious app may be able to break out of its sandbox\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-1837\n    AppleJPEG\n    Processing a maliciously crafted image may lead to a denial-of-service\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28956\n    AppleJPEG\n    Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-39869\n    Audio\n    Processing an audio stream in a maliciously crafted media file may terminate the process\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28922\n    CoreMedia\n    An app may be able to access private information\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28936\n    CoreServices\n    Processing a maliciously crafted file may lead to unexpected app termination\n    Yes\n    No\n    Yes\n  \n  \n    CVE-2026-28918\n    CoreSymbolication\n    Parsing a maliciously crafted file may lead to an unexpected app termination\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28878\n    Crash Reporter\n    An app may be able to enumerate a user's installed apps\n    No\n    Yes\n    No\n  \n  \n    CVE-2026-28915\n    CUPS\n    An app may be able to gain root privileges\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-43659\n    FileProvider\n    An app may be able to access sensitive user data\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28923\n    GPU Drivers\n    A malicious app may be able to break out of its sandbox\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28925\n    HFS\n    An app may be able to cause unexpected system termination or write kernel memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2025-43524\n    Icons\n    An app may be able to break out of its sandbox\n    No\n    Yes\n    Yes\n  \n  \n    CVE-2026-43661\n    ImageIO\n    Processing a maliciously crafted image may corrupt process memory\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28977\n    ImageIO\n    Processing a maliciously crafted file may lead to unexpected app termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28990\n    ImageIO\n    Processing a maliciously crafted image may corrupt process memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28978\n    Installer\n    A malicious app may be able to break out of its sandbox\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28992\n    IOHIDFamily\n    An attacker may be able to cause unexpected app termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28943\n    IOHIDFamily\n    An app may be able to determine kernel memory layout\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28969\n    IOKit\n    An app may be able to cause unexpected system termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-43655\n    IOSurfaceAccelerator\n    An app may be able to cause unexpected system termination or read kernel memory\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-43654\n    Kernel\n    An app may be able to disclose kernel memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28908\n    Kernel\n    An app may be able to modify protected parts of the file system\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28954\n    Kernel\n    A maliciously crafted disk image may bypass Gatekeeper checks\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28897\n    Kernel\n    A local user may be able to cause unexpected system termination or read kernel memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28952\n    Kernel\n    An app may be able to cause unexpected system termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28951\n    Kernel\n    An app may be able to gain root privileges\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28972\n    Kernel\n    An app may be able to cause unexpected system termination or write kernel memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28986\n    Kernel\n    An app may be able to cause unexpected system termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28987\n    Kernel\n    An app may be able to leak sensitive kernel state\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28983\n    LaunchServices\n    A remote attacker may be able to cause a denial of service\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28929\n    Mail Drafts\n    Replying to an email could display remote images in Mail in Lockdown Mode\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-43653\n    mDNSResponder\n    An attacker on the local network may be able to cause a denial-of-service\n    Yes\n    No\n    Yes\n  \n  \n    CVE-2026-28985\n    mDNSResponder\n    An attacker on the local network may be able to cause a denial-of-service\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-43668\n    mDNSResponder\n    A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-43666\n    mDNSResponder\n    An attacker on the local network may be able to cause a denial-of-service\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28941\n    Model I/O\n    Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents\n    Yes\n    Yes\n    No\n  \n  \n    CVE-2026-28940\n    Model I/O\n    Processing a maliciously crafted image may corrupt process memory\n    Yes\n    Yes\n    No\n  \n  \n    CVE-2026-28961\n    Network Extensions\n    An attacker with physical access to a locked device may be able to view sensitive user information\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28906\n    Networking\n    An attacker may be able to track users through their IP address\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28840\n    PackageKit\n    An app may be able to gain root privileges\n    No\n    Yes\n    Yes\n  \n  \n    CVE-2026-43656\n    Quick Look\n    Parsing a maliciously crafted file may lead to an unexpected app termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-43652\n    Sandbox\n    An app may be able to access protected user data\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-39870\n    SceneKit\n    Processing a maliciously crafted image may corrupt process memory\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28846\n    SceneKit\n    A remote attacker may be able to cause unexpected app termination\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28993\n    Shortcuts\n    An app may be able to access user-sensitive data\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28848\n    SMB\n    A remote attacker may be able to cause unexpected system termination\n    Yes\n    Yes\n    No\n  \n  \n    CVE-2026-28930\n    Spotlight\n    An app may be able to access protected user data\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28974\n    Spotlight\n    An app may be able to cause a denial-of-service\n    Yes\n    Yes\n    No\n  \n  \n    CVE-2026-28996\n    Storage\n    An app may be able to access sensitive user data\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28919\n    StorageKit\n    An app may be able to gain root privileges\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28924\n    Sync Services\n    An app may be able to access Contacts without user consent\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-39871\n    TV App\n    An app may be able to observe unprotected user data\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28976\n    UserAccountUpdater\n    An app may be able to gain root privileges\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-43660\n    WebKit\n    Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28907\n    WebKit\n    Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28962\n    WebKit\n    Processing maliciously crafted web content may disclose sensitive user information\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-43658\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected Safari crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28905\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28847\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28904\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28955\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28903\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28953\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28902\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28901\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28913\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28883\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28958\n    WebKit\n    An app may be able to access sensitive user data\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28917\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28947\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected Safari crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28946\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected Safari crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28942\n    WebKit\n    Processing maliciously crafted web content may lead to an unexpected Safari crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28971\n    WebKit\n    A malicious iframe may use another website's download settings\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28944\n    WebRTC\n    Processing maliciously crafted web content may lead to an unexpected process crash\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28819\n    Wi-Fi\n    An app may be able to execute arbitrary code with kernel privileges\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28994\n    Wi-Fi\n    An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets\n    Yes\n    Yes\n    Yes\n  \n  \n    CVE-2026-28914\n    zip\n    A maliciously crafted ZIP archive may bypass Gatekeeper checks\n    Yes\n    No\n    No\n  \n  \n    CVE-2026-28920\n    zlib\n    Visiting a maliciously crafted website may leak sensitive data\n    Yes\n    Yes\n    Yes\n  \n\n\n\n\n\n  \n\n\n\n\n  \nWe\u2019ll continue these macOS updates if people find them useful. Stay tuned for the regularly schedule Patch Tuesday blog covering Adobe and Microsoft. ", "creation_timestamp": "2026-05-12T10:21:51.000000Z"}, {"uuid": "14953e6d-cdec-425f-942c-d4c6a6e5f420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43520", "type": "exploited", "source": "https://t.me/true_secator/8007", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Lookout Threat Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442-\u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 iOS \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c DarkSword, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0441\u043f\u0435\u043a\u0442\u0440\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432.\n\nDarkSword \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 iPhone \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c iOS 18.4\u201318.7 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0435\u0433\u043e \u0430\u043d\u0430\u043b\u043e\u0433\u0430 Coruna,\u00a0\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c DarkSword \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u0430\u0442\u0430\u043a Coruna, \u043f\u043e\u0441\u0438\u043b\u044c\u043d\u0443\u044e \u043f\u043e\u043c\u043e\u0449\u044c Lookout \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0432\u0441\u0435\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u044b \u043e\u043a\u0430\u0437\u0430\u043b\u0438 Google \u0438 iVerify.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 iVerify \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 DarkSword, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0443 \u0442\u0438\u043f\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430, \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0434\u0440\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438 \u0437\u0430\u043f\u0438\u0441\u0438, \u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u044f\u0434\u0440\u0430, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b (\u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b) \u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b Apple \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 iOS.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-31277, CVE-2025-43529, CVE-2026-20700, CVE-2025-14174, CVE-2025-43510 \u0438 CVE-2025-43520.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043b\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, \u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0437\u0430 DarkSword, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c, \u0432\u0441\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 UNC6353, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u0445\u043e\u0440\u043e\u0448\u043e \u0444\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u0438\u043c\u0435\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0443 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 LLM \u0434\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 DarkSword, \u0445\u043e\u0442\u044f \u0441\u0430\u043c\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u043e\u0435 \u0438 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0434\u043d\u043e\u0440\u0430\u0437\u043e\u0432\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0418\u0418.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 Lookout \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0444\u0435\u0441\u0441\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0443\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0431\u044b\u0441\u0442\u0440\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u0438 \u0437\u0430 \u0441\u0447\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u044f\u0437\u044b\u043a\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442-\u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0430 DarkSword, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c\u043e\u0433\u043e \u0432 \u043e\u0434\u0438\u043d \u043a\u043b\u0438\u043a, iVerify \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0448\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f Safari \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u0430\u043c\u044f\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043a\u0440\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0430\u0442\u0430\u043a\u0438 DarkSword \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Safari, \u0433\u0434\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0442\u0435\u043d\u0438\u044e/\u0437\u0430\u043f\u0438\u0441\u0438 \u044f\u0434\u0440\u0430, \u0430 \u0437\u0430\u0442\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 (pe_main.js).\n\n\u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043a\u0430\u043a \u0438\u043c\u0435\u043d\u043d\u043e \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u0430\u0439\u0442\u044b, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u043e \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 iframe-\u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 HTML-\u043a\u043e\u0434 \u044d\u0442\u0438\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442 JavaScript-\u0434\u0432\u0438\u0436\u043e\u043a \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b iOS, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a App Access, Wi-Fi, Springboard, Keychain \u0438 iCloud, \u0430 \u0437\u0430\u0442\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442 \u043c\u043e\u0434\u0443\u043b\u0438 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 Lookout, \u0432 \u0447\u0438\u0441\u043b\u043e \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 DarkSword, \u0432\u0445\u043e\u0434\u044f\u0442: \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u0444\u043e\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438, \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 WhatsApp \u0438 Telegram, \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0438 (Coinbase, Binance, Ledger \u0438 \u0434\u0440.), SMS, \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u044b, \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u0437\u0432\u043e\u043d\u043a\u043e\u0432, \u043c\u0435\u0441\u0442\u043e\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, cookies, Wi-Fi \u0438 \u043f\u0430\u0440\u043e\u043b\u0438, Apple Health, \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044c, \u0437\u0430\u043c\u0435\u0442\u043a\u0438, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b.\n\nDarkSword \u0443\u0434\u0430\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443, \u043a\u043e\u0433\u0434\u0430 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u0430\u044f \u0432\u044b\u0448\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u0439\u043d\u0430\u0436\u0443.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c iPhone \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c iOS \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 26.3.1 (\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f), \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0436\u0438\u043c \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438,\u00a0\u0435\u0441\u043b\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0440\u0438\u0441\u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e.", "creation_timestamp": "2026-03-18T15:22:35.000000Z"}, {"uuid": "433b23e4-7c67-4d4f-8900-1d98eb161b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "exploited", "source": "https://t.me/true_secator/8007", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Lookout Threat Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442-\u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 iOS \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c DarkSword, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0441\u043f\u0435\u043a\u0442\u0440\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432.\n\nDarkSword \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 iPhone \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c iOS 18.4\u201318.7 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0435\u0433\u043e \u0430\u043d\u0430\u043b\u043e\u0433\u0430 Coruna,\u00a0\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c DarkSword \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u0430\u0442\u0430\u043a Coruna, \u043f\u043e\u0441\u0438\u043b\u044c\u043d\u0443\u044e \u043f\u043e\u043c\u043e\u0449\u044c Lookout \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0432\u0441\u0435\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u044b \u043e\u043a\u0430\u0437\u0430\u043b\u0438 Google \u0438 iVerify.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 iVerify \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 DarkSword, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0443 \u0442\u0438\u043f\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430, \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0434\u0440\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438 \u0437\u0430\u043f\u0438\u0441\u0438, \u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u044f\u0434\u0440\u0430, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b (\u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b) \u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b Apple \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 iOS.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-31277, CVE-2025-43529, CVE-2026-20700, CVE-2025-14174, CVE-2025-43510 \u0438 CVE-2025-43520.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043b\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, \u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0437\u0430 DarkSword, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c, \u0432\u0441\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 UNC6353, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u0445\u043e\u0440\u043e\u0448\u043e \u0444\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u0438\u043c\u0435\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0443 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 LLM \u0434\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 DarkSword, \u0445\u043e\u0442\u044f \u0441\u0430\u043c\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u043e\u0435 \u0438 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0434\u043d\u043e\u0440\u0430\u0437\u043e\u0432\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0418\u0418.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 Lookout \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0444\u0435\u0441\u0441\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0443\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0431\u044b\u0441\u0442\u0440\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u0438 \u0437\u0430 \u0441\u0447\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u044f\u0437\u044b\u043a\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442-\u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0430 DarkSword, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c\u043e\u0433\u043e \u0432 \u043e\u0434\u0438\u043d \u043a\u043b\u0438\u043a, iVerify \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0448\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f Safari \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u0430\u043c\u044f\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043a\u0440\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0430\u0442\u0430\u043a\u0438 DarkSword \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Safari, \u0433\u0434\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0442\u0435\u043d\u0438\u044e/\u0437\u0430\u043f\u0438\u0441\u0438 \u044f\u0434\u0440\u0430, \u0430 \u0437\u0430\u0442\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 (pe_main.js).\n\n\u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043a\u0430\u043a \u0438\u043c\u0435\u043d\u043d\u043e \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u0430\u0439\u0442\u044b, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u043e \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 iframe-\u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 HTML-\u043a\u043e\u0434 \u044d\u0442\u0438\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442 JavaScript-\u0434\u0432\u0438\u0436\u043e\u043a \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b iOS, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a App Access, Wi-Fi, Springboard, Keychain \u0438 iCloud, \u0430 \u0437\u0430\u0442\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442 \u043c\u043e\u0434\u0443\u043b\u0438 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 Lookout, \u0432 \u0447\u0438\u0441\u043b\u043e \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 DarkSword, \u0432\u0445\u043e\u0434\u044f\u0442: \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u0444\u043e\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438, \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 WhatsApp \u0438 Telegram, \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0438 (Coinbase, Binance, Ledger \u0438 \u0434\u0440.), SMS, \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u044b, \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u0437\u0432\u043e\u043d\u043a\u043e\u0432, \u043c\u0435\u0441\u0442\u043e\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, cookies, Wi-Fi \u0438 \u043f\u0430\u0440\u043e\u043b\u0438, Apple Health, \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044c, \u0437\u0430\u043c\u0435\u0442\u043a\u0438, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b.\n\nDarkSword \u0443\u0434\u0430\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443, \u043a\u043e\u0433\u0434\u0430 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u0430\u044f \u0432\u044b\u0448\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u0439\u043d\u0430\u0436\u0443.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c iPhone \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c iOS \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 26.3.1 (\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f), \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0436\u0438\u043c \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438,\u00a0\u0435\u0441\u043b\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0440\u0438\u0441\u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e.", "creation_timestamp": "2026-03-18T15:22:35.000000Z"}, {"uuid": "9a05ac5c-c5ef-4786-9e80-7c89bb37aa0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "exploited", "source": "https://t.me/true_secator/7903", "content": "Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u0439 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 0-day (\u0432 2025 \u0438\u0445 \u0431\u044b\u043b\u043e 7), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u00ab\u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435\u00bb, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0443\u0437\u043a\u0438\u0439 \u043a\u0440\u0443\u0433 \u043b\u0438\u0446 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 iOS \u0434\u043e 26.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-20700 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 dyld, \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u043e\u043c \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 Apple, \u0432\u043a\u043b\u044e\u0447\u0430\u044f iOS, iPadOS, macOS, tvOS, watchOS \u0438 visionOS.\n\n\u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 Apple \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043e\u0431\u043b\u0430\u0434\u0430\u044e\u0449\u0438\u0439 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043f\u0430\u043c\u044f\u0442\u044c, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0437\u0430\u044f\u0432\u043b\u044f\u044e\u0442, \u0447\u0442\u043e \u0438\u043c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u0445 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 CVE-2025-14174 \u0438 CVE-2025-43529, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435, \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043e\u0434\u043d\u0438\u0445 \u0438 \u0442\u0435\u0445 \u0436\u0435 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445.\n\nApple \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 CVE-2026-20700 Google TAG, \u043d\u043e \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0438\u043c\u0435\u043d\u043d\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n\u041a \u0447\u0438\u0441\u043b\u0443 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f: iPhone 11 (\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438), iPad Pro 12,9 \u0434\u044e\u0439\u043c\u0430 (3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f), iPad Pro 11 \u0434\u044e\u0439\u043c\u043e\u0432 (1-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f), iPad Air (3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f), iPad (8-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f), iPad mini (5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439), \u0430 \u0442\u0430\u043a\u0436\u0435 Mac \u043d\u0430 macOS Tahoe.\n\nApple \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3 \u0438 visionOS 26.3.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.", "creation_timestamp": "2026-02-12T10:30:05.000000Z"}, {"uuid": "efe4d89d-dc1e-4202-8353-b9e33ddc4fe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43529", "type": "published-proof-of-concept", "source": "Telegram/9SS8wnntZTDHhPirlI1D0mcsGjCiHrfpgOECZvIj5SmuXrk", "content": "", "creation_timestamp": "2026-01-13T09:00:27.000000Z"}, {"uuid": "8a39647d-69b9-4b14-a11c-915aa5897b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4352", "type": "exploited", "source": "https://t.me/cvedetector/24606", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4352 - Golden Link Secondary System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4352 \nPublished : May 6, 2025, 12:15 p.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcEntrFlowSelect.htm. The manipulation of the argument custTradeId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T16:09:31.000000Z"}, {"uuid": "7fbd8a36-91e2-4ca5-aa9e-63272ea5aa75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4352", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15094", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4352\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcEntrFlowSelect.htm. The manipulation of the argument custTradeId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-06T12:00:07.536Z\n\ud83d\udccf Modified: 2025-05-06T12:00:07.536Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.307469\n2. https://vuldb.com/?ctiid.307469\n3. https://vuldb.com/?submit.564592\n4. https://github.com/eeeeeekkkkkkkk/POC/blob/main/%E9%BB%84%E9%87%91%E9%80%9A%E4%BA%8C%E7%BA%A7%E7%B3%BB%E7%BB%9F%E4%B8%89%E4%BB%A3%E7%AE%A1%E7%90%86%E7%AB%AF%E7%B3%BB%E7%BB%9FtcEntrFlowSelect%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5.md", "creation_timestamp": "2025-05-06T12:20:53.000000Z"}, {"uuid": "c81bc80b-2ee7-47cf-9f73-ab29e914a9a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-43524", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20260513", "content": "", "creation_timestamp": "2026-05-12T18:00:00.000000Z"}]}