Apple has released security updates to fix a high-severity vulnerability, CVE-2025-6558, that was exploited in zero-day attacks targeting Google Chrome users. The flaw allows remote attackers to execute arbitrary code in the browser's GPU process, potentially breaching the sandbox isolation from the operating system. CISA has also urged federal agencies to prioritize patching this vulnerability due to its significant risks.

Apple has released a security patch addressing a critical zero-day vulnerability identified as CVE-2025-43300, which could allow attackers to execute arbitrary code on affected devices. Users are urged to update their devices promptly to protect against potential exploitation of this flaw.

Apple has released a critical security patch addressing a zero-day vulnerability in its ImageIO framework, which has reportedly been exploited in targeted attacks. Users are urged to update their devices promptly to mitigate potential risks associated with this exploit.

Apple released a security patch for CVE-2025-43300, addressing an out-of-bounds write vulnerability in the ImageIO framework that could be exploited in zero-click attacks. The article provides a detailed root cause analysis of the vulnerability and the changes made in the patch, focusing on the modifications in the RawCamera file and the implications for image processing. Researchers have previously explored the vulnerability, revealing its connections to JPEG Lossless compression in DNG files.