Research

Apple has released urgent fixes for CVE-2025-43300, a zero-day vulnerability in the ImageIO framework exploited in targeted attacks. This post highlights the flaw, affected systems, risks, and Agilehunt’s security insights.

This blog discusses an AppleID account takeover vulnerability via brute-forcing app-specific passwords or accounts without 2FA. AgileHunt highlights the risks, exploitation techniques, and security measures while offering expert solutions to safeguard user accounts and digital platforms.

This blog discusses a Web Cache Deception vulnerability that exposes Personally Identifiable Information (PII) on non-existing URL endpoints. Agilehunt outlines the risks, exploitation steps, and recommendations, while offering professional security solutions to protect businesses from such threats.

This article details a heap-based buffer overflow vulnerability (CVE-2023-1906) discovered in ImageMagick during fuzz testing using AFL++. The vulnerability could lead to denial of service or arbitrary code execution, and a fix was released in version 7.1.1-6.

Discover how a race condition vulnerability in Clipchamp’s internal environments exposed sensitive data, allowing attackers to bypass Google IAP authentication. Learn how Agilehunt can secure your organization against such vulnerabilities.