5 links
tagged with all of: ios + security
Links
Apple has released urgent security updates to address two zero-day vulnerabilities, CVE-2025-31200 and CVE-2025-31201, that were exploited in sophisticated attacks on specific iPhone users. These vulnerabilities affect multiple Apple operating systems and devices, including iOS and macOS, and users are strongly urged to install the updates promptly to safeguard their devices. Since the beginning of the year, Apple has remedied five zero-day vulnerabilities.
Researchers have discovered that the defenses implemented by Apple and Google against "juice jacking," a method of data theft via malicious chargers, can be easily bypassed. Their new attack, termed ChoiceJacking, exploits vulnerabilities in the USB protocol, allowing attackers to gain unauthorized access to sensitive data on mobile devices. Despite recent updates from both companies, many Android devices remain at risk due to fragmentation and incomplete implementations of security measures.
A fake "My Vodafone" app was distributed to targets via SMS, claiming to restore mobile data connectivity after an attacker disabled their connection. The app, signed with an enterprise certificate, contains multiple privilege escalation exploits, including an unusual sixth exploit related to the iPhone's Display Co-Processor (DCP), which raises concerns about the security implications of compromising such co-processors in modern devices.
Apple released a security patch for CVE-2025-43300, addressing an out-of-bounds write vulnerability in the ImageIO framework that could be exploited in zero-click attacks. The article provides a detailed root cause analysis of the vulnerability and the changes made in the patch, focusing on the modifications in the RawCamera file and the implications for image processing. Researchers have previously explored the vulnerability, revealing its connections to JPEG Lossless compression in DNG files.
Cisco has issued security updates for a critical zero-day vulnerability (CVE-2025-20352) in its IOS and IOS XE Software, which is actively being exploited. The flaw allows remote attackers to execute code on vulnerable systems or cause denial-of-service conditions, prompting Cisco to recommend immediate upgrades to secure software versions.