Apple has issued security updates to fix a critical vulnerability, CVE-2025-6558, exploited in zero-day attacks targeting Google Chrome users. The flaw allows remote attackers to execute arbitrary code and escape browser sandbox protections, affecting multiple Apple devices and systems. #CVE-2025-6558 #GoogleChrome #AppleSecurity
Keypoints
- The vulnerability CVE-2025-6558 was discovered by Googleβs Threat Analysis Group in June.
- It involves improper validation of untrusted input in the ANGLE graphics engine, leading to code execution.
- Apple released security updates for iOS, iPadOS, macOS, tvOS, visionOS, and watchOS to address the issue.
- The U.S. CISA listed this vulnerability as actively exploited in targeted attacks, urging quick patching.
- Since 2025, Apple has patched five zero-day flaws exploited in targeted attacks on its devices.