"Apple pushed fresh security updates across much of its ecosystem, including iPhones, iPads and Macs, fixing a pair of bugs in WebKit that it says may have been abused in an "extremely sophisticated attack against specific targeted individuals." As usual, Cupertino was light on technical detail, offering little more than a warning that the exploits were real and already in circulation."
"Google, meanwhile, shipped a Chrome Stable channel update addressing multiple security flaws, including at least one zero-day that had already been exploited before a fix was available. The high-risk bug, tracked as CVE-2025-14174, was described as an out-of-bounds memory access vulnerability, with Google acknowledging it was aware of an exploit in the wild. Google quietly fixed the Chrome bug last Wednesday, but said the vulnerability was still "under coordination.""
Apple pushed security updates across iPhones, iPads and Macs to fix WebKit bugs that may have been abused in an "extremely sophisticated attack against specific targeted individuals." Apple provided minimal technical detail while warning that exploits were real and circulating. Google released a Chrome Stable update addressing multiple flaws, including CVE-2025-14174, an out-of-bounds memory access vulnerability that was exploited in the wild. Google credited Apple’s security engineering team and its Threat Analysis Group for discovery, suggesting spyware-grade exploitation linked to mercenary or state-backed actors. Both companies gave few details, increasing the zero-day tally and forcing immediate patching.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]