On July 29, 2025, Apple released security updates for iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, and other platforms like watchOS, tvOS, and visionOS to address multiple vulnerabilities. While Safari’s WebKit engine received the largest number of fixes, other components such as AppleMobileFileIntegrity and PackageKit were also updated.
One critical flaw in WebKit was previously flagged as exploited in the wild against Google Chrome. The vulnerability, tracked as CVE-2025-6558, was first disclosed in mid-July and addressed with Chrome version 138. It involves improper validation of untrusted input in ANGLE and GPU components, which could allow threat actors to escape the browser sandbox via malicious HTML content.
Apple confirmed its software was affected due to shared open-source code but noted there’s no evidence of active exploitation against Safari users.
The CVE-2025-6558 patch is included in:
- iOS 18.6 and iPadOS 18.6 (for iPhone XS and later, and most recent iPads)
- macOS Sequoia 15.6
- tvOS 18.6, watchOS 11.6, and visionOS 2.6
Another notable fix addresses CVE-2025-43223, a denial-of-service vulnerability in the CFNetwork framework that could allow non-privileged users to alter restricted network settings. While Apple has not disclosed any technical details, the nature of the flaw suggests it could be used to crash Safari or bypass sandbox protections via malicious web content.
Analyst insight
Apple users should update their devices to the latest software versions released on July 29, 2025, to ensure protection against CVE-2025-6558 and other vulnerabilities. Organizations managing Apple endpoints should verify that updates have been applied across all devices, especially those used for browsing or development.
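One way to verify update coverage across a fleet is sketched below in Python. This is an added example, not Apple's or any MDM vendor's tooling. It assumes a hypothetical inventory export with the columns hostname, platform and os_version, and the sample rows are constructed. The version floors are the ones listed above.

```python
import csv
import io

# Minimum versions carrying the CVE-2025-6558 fix, as listed in this article.
PATCHED = {"iOS": (18, 6), "iPadOS": (18, 6), "macOS": (15, 6),
           "tvOS": (18, 6), "watchOS": (11, 6), "visionOS": (2, 6)}

# Constructed sample; the column names are an assumed export format.
SAMPLE_INVENTORY = """hostname,platform,os_version
dev-mbp-01,macOS,15.6
dev-mbp-02,macOS,15.5
qa-iphone-07,iOS,18.6
lobby-ipad-02,iPadOS,17.7
conf-atv-03,tvOS,18.6
lab-watch-01,watchOS,11.5
build-mini-04,macOS,
"""

def classify(platform, version):
    """Return 'patched', 'outdated', 'review' or 'unknown' for one device."""
    floor = PATCHED.get(platform)
    if floor is None:
        return "unknown"          # platform not covered by the list above
    try:
        v = tuple(int(p) for p in version.strip().split("."))
    except ValueError:
        return "unknown"          # empty or non-numeric version field
    if v[0] < floor[0]:
        # Older major release line: the article lists no fixed version for
        # it, so flag the device for manual follow-up instead of guessing.
        return "review"
    # Assumption: releases later than the listed floor carry the fix forward.
    return "patched" if v >= floor else "outdated"

def audit(csv_text):
    """Group hostnames from an inventory CSV by patch status."""
    report = {"patched": [], "outdated": [], "review": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        status = classify((row["platform"] or "").strip(), row["os_version"] or "")
        report[status].append(row["hostname"])
    return report

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status:9} {len(hosts):2}  {', '.join(hosts)}")
```

Devices reported as "review" or "unknown" need a manual check against Apple's advisories rather than being counted as compliant.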