Update now! Apple, Google release emergency fixes after zero-day attacks
What's the story
Apple and Google have issued critical software updates to defend against a hacking campaign that has affected an unknown number of their users. The security flaw was discovered by Apple's security engineering team and Google's Threat Analysis Group, which mainly focuses on tracking government-backed hackers and mercenary spyware developers. This indicates that state-sponsored hackers may be behind the attack.
Update rollout
Apple releases security updates for multiple devices
Apple has released security updates for its major products. The update covers iPhones, iPads, Macs, Vision Pro, Apple TV, and Apple Watches. It also includes the Safari browser. The advisory for iPhones and iPads states that two bugs were patched in devices running versions prior to iOS 26. Google has also patched multiple security vulnerabilities in Chrome, warning that at least one was already under active attack.
Attack details
Apple's advisory hints at sophisticated attack
The language used in Apple's advisory suggests that the company is aware of its customers being targeted by hackers using zero-day exploits. Zero-days are vulnerabilities that are unknown to software makers at the time of exploitation. They are often used by government hackers with tools and spyware from companies like NSO Group or Paragon Solutions to target journalists, dissidents, and human rights activists.