Apple Backports Fixes for Three Zero-day Vulnerabilities (CVE-2025-24200, CVE-2025-24201, & CVE-2025-24085)

Apple released backported fixes to address three zero-day vulnerabilities exploited in targeted attacks against older iOS, iPadOS, and macOS versions. Tracked as CVE-2025-24200, CVE-2025-24201, & CVE-2025-24085, the vulnerabilities were initially patched in March. Apple mentioned in the advisory that they are aware of a report that the vulnerabilities may have been actively exploited against versions … Continue reading “Apple Backports Fixes for Three Zero-day Vulnerabilities (CVE-2025-24200, CVE-2025-24201, & CVE-2025-24085)”

Apple Addressed WebKit Zero-day Vulnerability Impacting iOS Devices (CVE-2025-24201)

Apple released fixes for an actively exploited vulnerability in attacks against iOS devices. Tracked as CVE-2025-24201, the vulnerability also affects macOS Sequoia and Safari web browser. The out-of-bounds write flaw exists in the WebKit browser engine. An attacker may exploit the vulnerability by maliciously crafted web content to break out of the Web Content sandbox. … Continue reading “Apple Addressed WebKit Zero-day Vulnerability Impacting iOS Devices (CVE-2025-24201)”