Apple quashes two zero-days with iOS, MacOS patches

Apple on Wednesday shipped out‑of‑band operating system updates to fix a pair of security bugs the company says were already exploited in “extremely sophisticated” attacks against a small number of iOS targets.

The vulnerabilities, tagged as CVE-2025-31200 and CVE-2025-31201, are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms.

Apple said it was aware of a report that both flaws were part of high-end attacks against specific target iPhones.

Read more at Security Week