Sustained Exploitation Activity and KEV Updates Marked This Week’s Threat Landscape

The past week witnessed notable developments in the cybersecurity landscape, with increased exploitation activity and critical updates from security agencies and industry researchers.

The Cybersecurity and Infrastructure Security Agency (CISA) added six vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three impacting multiple products from Apple Inc., along with individual vulnerabilities affecting Langflow, Laravel, and Craft CMS. These additions reflected continued real-world exploitation across both enterprise platforms and modern development tools.

In parallel, researchers reported a significant supply chain attack targeting Trivy, an open-source vulnerability scanner widely used in CI/CD pipelines, involving the exploitation of a vulnerability in Aqua Security’s Trivy, attributed to the threat group TeamPCP and first observed on March 19, 2026. Additionally, Google revealed that the DarkSword exploit chain was actively leveraged by multiple threat actors to compromise iOS devices across various regions through coordinated multi-vulnerability attacks.

Key points:

• 6 vulnerabilities added to the CISA KEV catalog  
• Google Discloses Sophisticated iOS Exploit Chain "DarkSword" Targeting Global Users
• Supply Chain Attack via Trivy Impacts CI/CD Pipelines Across Multiple Projects

Several high-impact vulnerabilities are currently trending across the cybersecurity community, demanding immediate attention and patch prioritization. Monitoring these emerging and widely discussed threats provides valuable insights, enabling organizations to make informed security decisions and strengthen their overall defense posture.

CVE-2026-33017 - Code Injection vulnerability in Langflow

A Code Injection vulnerability was identified in Langflow, an open-source artificial intelligence platform, where an unauthenticated remote attacker could achieve arbitrary code execution by exploiting a publicly accessible API endpoint. The flaw resided in the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint, which allowed building public flows without requiring any authentication when the optional data parameter was supplied, the endpoint processed attacker-controlled flow data containing arbitrary Python code embedded in node definitions, which was then passed directly to Python's exec() function with zero sandboxing or input validation, resulting in immediate unauthenticated remote code execution on the underlying host. Exploitation of the vulnerability was assessed as extremely easy, requiring nothing more than a single crafted HTTP POST request with malicious Python code embedded in the JSON payload, triggering code execution without any prior access or credentials. The vulnerability affected all versions of Langflow up to and including 1.8.1, and was addressed in the development release 1.9.0.dev8. The severity of the flaw was further underscored by the speed of its in-the-wild exploitation cloud security firm Sysdig observed the first active exploitation attempts targeting CVE-2026-33017 within just 20 hours of the advisory's public disclosure on March 17, 2026. Given its active exploitation in the wild, the vulnerability was added to the CISA KEV catalog this week.

CVE-2025-31277 - Buffer Overflow vulnerability in Apple multiple products

A Buffer Overflow vulnerability was identified in multiple Apple products, where processing maliciously crafted web content could lead to memory corruption. The flaw affected Safari, iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. Apple resolved the vulnerability in 2025 across all impacted platforms with the release of Safari 18.6, iOS and iPadOS 18.6, macOS Sequoia 15.6, watchOS 11.6, tvOS 18.6, and visionOS 2.6. The vulnerability was identified as a component of the DarkSword full-chain iOS exploit, recently uncovered by Google Threat Intelligence Group, where it was specifically exploited during the Remote Code Execution stage leveraged as a JIT optimization and type confusion bug in JavaScriptCore, Apple's JavaScript engine used in WebKit and Safari, to develop fakeobj and addrof primitives and build arbitrary read/write capabilities on devices running iOS 18.4 through 18.5. Given its active exploitation as part of DarkSword, the vulnerability was added to the CISA KEV catalog this week.

CVE-2025-32432 - Code Injection vulnerability in Craft CMS

A Code Injection vulnerability was identified in Craft CMS, where a remote attacker could execute arbitrary code on affected installations without authentication. Craft CMS is a flexible and widely deployed content management system used across enterprise and commercial web platforms, making it a high-value target for exploitation. The flaw existed in Craft CMS's image transform functionality, where the system failed to properly validate user-supplied input passed through HTTP request parameters, allowing an unauthenticated attacker to inject and execute arbitrary PHP code server-side by sending a specially crafted POST request to the transform endpoint without requiring a valid account or session. The vulnerability affected a broad range of versions spanning three major release lines, from 3.0.0-RC1 prior to 3.9.15, from 4.0.0-RC1 prior to 4.14.15, and from 5.0.0-RC1 prior to 5.6.17. Craft CMS resolved the vulnerability with the release of versions 3.9.15, 4.14.15, and 5.6.17 in April 2025, and given its active exploitation in the wild, the vulnerability was added to the CISA KEV catalog this week.

CVE-2025-43510 - Improper Locking vulnerability in Apple multiple products

An Improper Locking vulnerability was identified in multiple Apple products, where a malicious application could cause unexpected changes in memory shared between processes. The flaw affected iOS, iPadOS, macOS, watchOS, tvOS, and visionOS across several active releases. Apple resolved the vulnerability with the release of watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, visionOS 26.1, and tvOS 26.1. The vulnerability was identified as a component of the DarkSword full-chain iOS exploit, recently uncovered by Google Threat Intelligence Group, where it was specifically exploited during the second sandbox escape stage leveraged to pivot execution from Safari's GPU process into the mediaplaybackd system service, a critical step in progressing toward full kernel-level device compromise. Given its active exploitation as part of DarkSword, the vulnerability was added to the CISA KEV catalog this week.

CVE-2025-43520 - Classic Buffer Overflow vulnerability in Apple multiple products

A Classic Buffer Overflow vulnerability was identified in multiple Apple products, where a malicious application could cause unexpected system termination or write directly to kernel memory. The flaw affected iOS, iPadOS, macOS, watchOS, tvOS, and visionOS across several active releases. Apple resolved the vulnerability in 2025 with the release of watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, visionOS 26.1, and tvOS 26.1. The vulnerability was identified as a component of the DarkSword full-chain iOS exploit, recently uncovered by Google Threat Intelligence Group where it was specifically exploited during the Local Privilege Escalation stage leveraged as a kernel-mode race condition in XNU's virtual filesystem (VFS) implementation to build physical and virtual memory read/write primitives, ultimately achieving full kernel privileges on the compromised device. Given its active exploitation as part of DarkSword, the vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) catalog this week.

CVE-2025-54068 - Code Injection vulnerability in Laravel Livewire

A Code Injection vulnerability was identified in Laravel Livewire, where unauthenticated attackers could achieve remote command execution under specific conditions. Laravel Livewire is a widely adopted full-stack framework that enables developers to build dynamic, real-time web interfaces using minimal JavaScript, making it a core component of modern Laravel application development. The flaw affected all versions of Livewire up to and including v3.6.3, where insufficient validation of user-supplied input allowed malicious payloads to be injected and executed server-side without requiring any authentication, potentially granting attackers full control over the underlying host. The vulnerability stemmed from Livewire's component update mechanism, which processes serialized component state and action payloads transmitted between the client and server an attacker could craft a malicious request to manipulate this deserialization flow and trigger arbitrary PHP code execution. Laravel Livewire resolved the vulnerability with the release of v3.6.4 in July 2025, and given its active exploitation in the wild, the vulnerability was added to the CISA KEV catalog this week.

Cytellite telemetry captured active exploit attempts and mass scanning campaigns against exposed services globally. The data highlights which vulnerabilities are under attack and provides source IPs and payloads to authorized teams for detailed threat analysis and validation.

Active malware campaigns exploited specific vulnerabilities to deliver payloads and carry out post-exploitation actions. Each targeted vulnerability is proactively monitored, manually analysed, and mapped to MITRE ATT&CK tactics and techniques. Insights are derived from the LOVI vulnerability intelligence platform, which aggregates and curates data from multiple sources, OSINT groups, blogs, and data leak sites.

Supply Chain Attack via Trivy Impacts CI/CD Pipelines Across Multiple Projects

According to Sysdig, a sophisticated and wide-reaching supply chain attack was carried out by the threat group TeamPCP beginning March 19,2026, targeting Trivy, an open-source vulnerability scanning tool widely integrated into CI/CD pipelines.  TeamPCP leveraged credentials stolen during a prior Trivy compromise in late February 2026 to forcibly override 76 out of 77 version tags in the aquasecurity/trivy-action repository and all 7 tags in aquasecurity/setup-trivy, silently redirecting trusted pipeline versions to malicious commits while release metadata showed no visible changes. The group subsequently expanded their campaign to compromise Checkmarx KICS GitHub Actions, Checkmarx AST, and OpenVSX extensions, and directly published malicious versions of the LiteLLM AI gateway library (v1.82.7 and v1.82.8) to PyPI on March 24, 2026, embedding credential-stealing malware in proxy_server.py that exfiltrated stolen data to models.litellm[.]cloud. As part of their post-exploitation activity, TeamPCP deployed the PCP InfoStealer across compromised environments to harvest SSH keys, cloud access tokens, and cryptocurrency wallets, while also deploying persistent backdoors in Kubernetes clusters and launching the self-replicating CanisterWorm worm across the JavaScript npm ecosystem. Notably, the attackers' code contained destructive logic that wiped entire Kubernetes clusters and all associated nodes if Farsi was detected as the primary language or the Tehran time zone was identified on the compromised system. In total, more than 20,000 repositories were considered potentially vulnerable, with the attackers claiming to have exfiltrated hundreds of gigabytes of data and over 500,000 compromised accounts.

Google Discloses Sophisticated iOS Exploit Chain "DarkSword" Targeting Global Users

According to Google, the DarkSword exploit chain was utilized by threat actors UNC6748, PARS Defense, and UNC6353 to compromise iOS devices through various campaigns across Saudi Arabia, Turkey, Malaysia, and Ukraine. This sophisticated operation leveraged six distinct vulnerabilities CVE-2025-31277, CVE-2026-20700, CVE-2025-43529, CVE-2025-14174, CVE-2025-43510, and CVE-2025-43520 to achieve full-chain exploitation. These actors deployed malicious payloads like GHOSTKNIFE, GHOSTSABER, and GHOSTBLADE via Snapchat-themed decoys and "Watering Hole" attacks to exfiltrate sensitive data from targets. The vulnerabilities spanned remote code execution, sandbox escapes, and privilege escalation, all of which were successfully patched following the investigation.

Open-Source Software (OSS) vulnerabilities are security weaknesses discovered in publicly available codebases that can be exploited across widely used libraries, frameworks, and tools, often impacting thousands of downstream applications.

PRE-NVD vulnerabilities refer to security flaws that are discovered, discussed, or even exploited in the wild before their official inclusion in the National Vulnerability Database (NVD). These early-stage vulnerabilities often emerge through threat actor chatter, exploit proof-of-concepts, and technical disclosures shared across social media platforms and underground forums, signaling potential exploitation risks before public awareness.

Overall, the week highlighted continued exploitation across widely used technologies, including Apple Inc., Laravel, Craft CMS, Langflow, and supply chain risks involving Trivy. These developments emphasized the need for real-time visibility and prioritization of actively exploited vulnerabilities beyond just patch availability. Organizations relying on delayed remediation remained exposed to evolving threats and coordinated attack campaigns. Leveraging platforms like Loginsoft Vulnerability Intelligence (LOVI) enabled proactive defense through timely intelligence, risk prioritization, and faster response.

FAQs

1) What is Langflow?

Langflow is an open-source visual tool for building applications powered by large language models using a drag-and-drop interface.It allows users to create, test, and manage AI workflows without extensive coding. It is commonly used for building chatbots, RAG pipelines, and LLM-based automation.  

2) What is Laravel Livewire?

Laravel Livewire is a full-stack framework for Laravel that enables dynamic, real-time interfaces with minimal JavaScript. It allows developers to build interactive UI components directly using server-side logic. It is widely used to simplify modern web application development within the Laravel ecosystem.

3) Does inclusion in the CISA KEV catalog mean exploitation is widespread?

Not necessarily widespread - but confirmed. KEV inclusion indicates verified in-the-wild exploitation. While the scale may vary, the operational reality is that threat actors possess working exploits, making patch prioritization urgent regardless of observed targeting volume.

4) How does LOVI help organizations manage vulnerabilities effectively?

Loginsoft Vulnerability Intelligence empowers you to efficiently prioritize and respond to potential vulnerabilities by focusing on those actively exploited in the wild. LOVI correlates vulnerability data with real-world threat activity to reduce noise and improve decision-making. This approach enables faster remediation and stronger security posture.

5) What is Cytellite?

Cytellite is a Loginsoft security intelligence platform that provides real-time visibility into emerging threats through a global sensor network. It delivers actionable IP intelligence to help organizations detect, analyze, and respond to attacks quickly. By correlating threat data with live activity, Cytellite strengthens resilience across dynamic threat landscapes.