- Apple released security updates across all major devices following a serious web browser vulnerability.
- The flaw, CVE-2025-6558, was actively exploited and could allow attackers to escape browser Sandbox protections.
- Google security researchers discovered and reported the vulnerability, which also affects Chrome.
- The vulnerability stems from improper input validation in browser graphics components (ANGLE and GPU).
- Users are urged to update devices to patched versions for full protection, although no active Apple-targeted attacks have been reported.
Apple issued security updates on Tuesday, July 30, 2025, to address a high-risk vulnerability that affects its software portfolio. The flaw, identified as CVE-2025-6558, was already exploited as a zero-day attack in the Chrome web browser earlier in July, prompting immediate attention.
According to an official advisory, the vulnerability has a CVSS score of 8.8 out of 10, making it a significant security risk. The bug results from the incorrect validation of untrusted input in two browser graphics components, ANGLE and GPU. This could let an attacker escape the browser sandbox—a protective barrier—by using a specially crafted HTML page. Google confirmed that “an exploit for CVE-2025-6558 exists in the wild,” crediting Clément Lecigne and Vlad Stolyarov from its Threat Analysis Group for finding and disclosing the issue.
Apple stated the weakness impacts the WebKit engine, which powers the Safari browser. The company explained that “this is a vulnerability in open-source code and Apple Software is among the affected projects,” and further noted the flaw could cause Safari to crash unexpectedly when handling malicious websites. The company patched this bug in several major releases, including iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, and visionOS 2.6.
The updates cover a wide range of hardware, including iPhones starting from the XS model, various iPad generations, Macs, Apple TV, Apple Watch Series 6 and later, and the Vision Pro headset.
So far, there is no evidence that attackers have used this vulnerability to specifically target Apple device owners. Still, security experts recommend updating devices to the latest software versions to maintain optimal protection.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Samourai Wallet Founders Plead Guilty, Face Up to 5 Years Prison
- Hackers Spread JSCEAL Malware via Fake Crypto Apps, Facebook Ads
- Chainlink (LINK) Eyes $28 as Bullish Momentum Builds for August
- Bank of Korea Renames Digital Currency Unit, Eyes Stablecoin Bills
- Kraken Seeks $15B Valuation, Benchmarking Binance Above $100B
