Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific targeted individuals.” About CVE-2025-43300 CVE-2025-43300 is an out-of-bounds write issue that could be triggered by a vulnerable device processing a malicious image file, leading to exploitable memory corruption. The vulnerability affects the Image I/O framework used by Apple’s iOS and macOS operating systems. Apple has fixed this flaw with improved bounds checking in: … More

The post Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300) appeared first on Help Net Security.