iPhone Users Urged to Update to Patch 2 Zero-Days

Apple released security patches addressing two zero-day vulnerabilities in iOS and macOS that attackers actively exploit. One flaw resides in the kernel; the other in WebKit. Both grant attackers code execution and device takeover capabilities.

The kernel vulnerability affects macOS systems. The WebKit flaw impacts iPhones and other iOS devices. Apple issued separate patches for each operating system to close these attack vectors.

Threat actors currently weaponize both vulnerabilities. This active exploitation status elevates risk for all affected users. Apple has not disclosed the identity of the threat actors or named specific campaigns using these exploits.

Users should prioritize these updates immediately. Defenders managing Apple device fleets should deploy patches without delay. The active threat environment means devices running unpatched versions face direct compromise risk.

Apple's security advisories provide CVE identifiers and affected version numbers. Organizations should cross-reference these details against device inventory to identify vulnerable systems. Patch deployment should proceed on an expedited timeline given the confirmed in-the-wild exploitation.