Three Buddy Problem - Episode 34: We dig into the latest exploited Apple iPhone zero-day (USB Restricted Mode bypass), an AMD microcode flaw so serious it’s not being fully disclosed, a barrage of Patch Tuesday updates, the helpless nature of trying to defend corporate networks, Russian threat actor movements, and fresh intel from Rapid7, Volexity, and Microsoft.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

• Transcript (unedited, AI-generated)
• Apple iOS 18.3.1 zero-day bulletin
• Apple Says iPhone USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack
• Quarkslab: Analysis of USB Restricted Mode bypass (CVE-2025-24200)
• ZDI Patch Tuesday recap (exploited Windows 0days)
• The BadPilot campaign (Seashell Blizzard subgroup)
• Rapid7 on PostgreSQL zero-day linked to BeyondTrust 0days
• PostgreSQL 0day advisory (CVE-2025-1094)
• Google partial disclosure of high-risk flaw in AMD microcode
• AMD SEV Confidential Computing Vulnerability (CVE-2024-56161)
• Fortinet documents another exploited 0day
• Storm-2372 conducts device code phishing campaign
• CrowdStrike on malware naming schemes