Apple has released urgent security updates to address two zero-day vulnerabilities, CVE-2025-31200 and CVE-2025-31201, that were exploited in sophisticated attacks on specific iPhone users. These vulnerabilities affect multiple Apple operating systems and devices, including iOS and macOS, and users are strongly urged to install the updates promptly to safeguard their devices. Since the beginning of the year, Apple has remedied five zero-day vulnerabilities.

Mozilla has addressed multiple zero-day vulnerabilities that were demonstrated during the Pwn2Own Berlin 2025 competition. These security flaws could have allowed attackers to exploit the Firefox browser, prompting the urgent need for updates to protect users. The fixes are part of Mozilla's ongoing commitment to enhance browser security.

Google has issued the September 2025 security update for Android, addressing 84 vulnerabilities, including two critical zero-day flaws that are currently being exploited. The update also includes fixes for four critical-severity issues, particularly affecting Qualcomm components and various Android versions. Users are urged to update their devices to ensure protection against these vulnerabilities.

Researchers have discovered multiple zero-day vulnerabilities in HashiCorp Vault and CyberArk Conjur, critical secret management platforms used by many enterprises. These vulnerabilities could allow attackers to bypass authentication, gain root access, and execute remote code, posing significant security risks to organizations.

A new startup focused on zero-day vulnerabilities is offering $20 million for tools that can successfully hack any smartphone. This initiative aims to attract skilled hackers to enhance cybersecurity solutions amidst increasing smartphone security challenges.