Apple has released urgent security updates to patch CVE-2025-6558, a high-severity vulnerability in the ANGLE graphics engine that was actively exploited in Chrome zero-day attacks. The flaw, discovered by Google's Threat Analysis Group, allowed malicious web content to execute arbitrary code and potentially bypass browser sandbox protections.
Patches are now available for iOS, iPadOS, macOS Sequoia, tvOS, visionOS, and watchOS, addressing the risk of unexpected Safari crashes. CISA has added the flaw to its catalog of exploited vulnerabilities, requiring federal agencies to apply fixes by August 12. This marks Apple's sixth zero-day patch this year, highlighting ongoing threats from state-sponsored attackers.
Read more...