Who: Apple released an emergency update to patch CVE-2025-24200, a zero-day vulnerability discovered by security researcher Bill Marczak of The Citizen Lab.
What: The flaw, an authorization issue, allows attackers with physical access to disable USB Restricted Mode on locked iOS devices, potentially bypassing security measures used to prevent unauthorized data extraction.
Impact: The vulnerability has been exploited in targeted attacks, likely by sophisticated actors. Apple addressed the issue with improved state management in iOS 18.3.1 and iPadOS 18.3.1, urging affected users to update immediately.
Read the full article HERE