Particle.news

Download on the App Store

Apple Pushes Urgent OS Updates to Patch Actively Exploited WebKit Flaw

Experts warn vulnerable Apple devices remain at risk following CISA’s listing of a critical WebKit zero-day in its active catalog.

The bug affects both Chrome and Safari.
iOS 18.6 fixes a big security loophole
Image

Overview

  • On July 29, Apple released iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6 and visionOS 2.6 to address multiple security vulnerabilities.
  • The updates plug CVE-2025-6558, a WebKit flaw enabling arbitrary code execution via malicious HTML; Google’s Threat Analysis Group identified it in June before CISA listed it as actively exploited.
  • In all, the patches deliver 29 urgent security fixes spanning WebKit, CoreAudio, CoreMedia and other critical system components.
  • Chrome users received a hotfix for the same bug in mid-July, illustrating cross-vendor coordination to curb exploits in the wild.
  • Cybersecurity experts and federal agencies have stressed immediate installation to prevent data breaches and meet urgent compliance deadlines.