Apple seems to be working overtime to fix its security vulnerabilities. Apple has released urgent security updates to fix two serious vulnerabilities, called “zero-day” flaws, that hackers have already used in targeted attacks.
These weaknesses were exploited to go after specific individuals, according to the company. The updates cover iPhones, iPads, Macs, Apple Watches, Apple TVs, and Safari. Installing them is strongly recommended for everyone.
The flaws, identified as CVE-2025-43529 and CVE-2025-14174, are in WebKit, the engine that powers Safari and many Apple apps. Because WebKit is a central part of Apple devices, attackers could exploit these flaws just by getting someone to open a malicious webpage — no extra clicks or downloads needed.
READ: Google adds Gemini AI to Chrome following antitrust court win (
● CVE-2025-43529 is a “use-after-free” bug, where the device tries to use memory that has already been freed. Hackers could take advantage of this to run their own code. Google’s Threat Analysis Group (TAG) discovered this flaw.
● CVE-2025-14174 is a memory corruption vulnerability reported by both Apple and Google TAG researchers. It can destabilize device memory and allow attackers to gain control.
Affected devices include iPhone 11 and newer, iPad Pro (12.9-inch 3rd gen+, 11-inch 1st gen+), iPad Air 3 and later, iPad 8 and later, and iPad mini 5 and later. Updates are available as iOS 18.7.3, iPadOS 18.7.3, macOS Tahoe 26.2, OS 26.2 (for Apple Watch, tvOS, and visionOS), and Safari 26.2.
Apple worked closely with Google, which patched a related Chrome vulnerability. Security experts note that the involvement of Google TAG, which tracks sophisticated threat actors, suggests these attacks may target diplomats, journalists, activists, or executives rather than general users.
This week’s patches bring the total number of zero-days fixed in 2025 to at least seven. Experts warn that such targeted attacks are becoming more frequent and sophisticated. Even if you are not a high-risk user, it is important to update devices immediately.
On iPhone or iPad, go to Settings > General > Software Update; on Mac, use System Preferences. Older devices may receive standalone patches from Apple. Keeping devices up to date is the best protection against these threats.
The ongoing discovery of critical vulnerabilities in widely used software highlights the complex and evolving nature of digital security in 2025. As technology becomes more central to everyday life, both individuals and organizations face growing exposure to sophisticated cyber risks. These incidents demonstrate that threats are not just technical issues but can have broader implications for privacy, trust, and the integrity of digital infrastructure.
The pattern of frequent zero-day discoveries also emphasizes the need for a proactive approach to cybersecurity. Companies must invest in continuous monitoring, research, and collaboration to identify weaknesses before they can be exploited. Similarly, governments and industry stakeholders are increasingly called upon to develop frameworks and standards that strengthen resilience across platforms and supply chains.
For the public, these developments reinforce the importance of cultivating cybersecurity awareness, adopting safe practices, and staying informed about emerging threats. In a digital environment that evolves rapidly, maintaining vigilance, planning for contingencies, and prioritizing security measures are essential for mitigating potential disruptions. The situation reflects the ongoing tension between technological advancement and security, highlighting the need for continuous adaptation and responsible management of digital tools and systems.