Apple patches critical Zero-Day exploit used in Chrome attacks

This is Apple’s sixth zero-day patch in 2025, underscoring a rise in advanced cyber threats as experts warn that unpatched software remains a key entry point for targeted attacks on high-risk individuals worldwide

Apple has issued urgent security updates to address a critical vulnerability identified as CVE-2025-6558, which has been actively exploited in targeted attacks involving Google Chrome. The flaw, linked to the ANGLE (Almost Native Graphics Layer Engine) graphics abstraction layer, can allow attackers to execute arbitrary code through malicious HTML content, potentially escaping the browser’s secure sandbox environment.

The vulnerability was discovered in June by security researchers Vlad Stolyarov and Clément Lecigne from Google’s Threat Analysis Group (TAG), a team known for uncovering zero-day exploits leveraged by state-sponsored actors. Google patched the issue in Chrome on July 15 and confirmed that the flaw was under active exploitation.

Apple’s latest updates aim to mitigate the risk for a wide range of devices and platforms, including:

·       iOS 18.6 and iPadOS 18.6 for iPhone XS and newer, as well as newer iPads

·       macOS Sequoia 15.6 for all supported Mac devices

·       iPadOS 17.7.9 for older iPads including the 6th generation and certain iPad Pro models

·       tvOS 18.6 for Apple TV HD and 4K

·       visionOS 2.6 for Apple Vision Pro

·       watchOS 11.6 for Apple Watch Series 6 and above

Open-source flaw spurs federal warning

Apple acknowledged that the vulnerability could lead to Safari crashes when processing malicious web content and confirmed that the issue arises from vulnerabilities in open-source components that are widely used beyond Apple’s ecosystem.

On July 22, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) also added CVE-2025-6558 to its catalog of known exploited vulnerabilities. Federal agencies have been instructed to apply necessary patches by August 12 under Binding Operational Directive 22-01. Although this directive is mandatory only for federal networks, CISA strongly recommended all organizations urgently patch the vulnerability due to its potential to serve as a gateway for cyber intrusions.