CVE-2025-24803

MobSF contains a Stored XSS in the iOS Dynamic Analyzer due to unsanitized CFBundleIdentifier input from Corellium in dynamic_analysis.html. An attacker can modify Info.plist to include special characters and trigger HTML context breaks when a malicious app is uploaded, enabling actions as users ...

PT-2025-5745

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.3.1 Description: The issue concerns a stored cross-site scripting XSS vulnerability in the iOS Dynamic Analyzer functionality of the Mobile Security Framework MobSF. According to Apple's...

A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup

A 500-page document reviewed by WIRED shows that Corellium engaged with several controversial companies, including spyware maker NSO Group...

A week in security (December 28 – January 3)

First off we would like to wish all our readers a happy and secure 2021! Last week on Malwarebytes Labs we presented an overview of developments in the SearchDimension hijackers, we looked at the most enticing cyberattacks of 2020, and we also looked back at the strangest cybersecurity events of...

Apple loses lawsuit against cyber security startup Corellium

By Deeba Ahmed A federal judge dismissed Apple's claim that virtualization startup Corellium was involved in copyright infringement and violated the DMCA. This is a post from HackRead.com Read the original post: Apple loses lawsuit against cyber security startup Corellium...

You Can Now Run Android on an iPhone With 'Project Sandcastle'

Not happy with your expensive iPhone and wondered if it's possible to run any other operating system on your iPhone, maybe, how to install Android on an iPhone or Linux for iPhones? Android phones can be rooted, and iPhones can be jailbroken to unlock new features, but so far, it's been close to...