Cyberdudebivash

  Executive Snapshot  Actively exploited in 2025: ImageIO zero-click (CVE-2025-43300) —malicious images could trigger memory corruption; Apple confirmed targeted exploitation and issued iOS/iPadOS 18.6.2 . Apple Support +2 CISA +2 Kernel/privilege escalation (CVE-2025-24085) —use-after-free fixed in iOS 18.3 ; Apple notes it was exploited against versions before iOS 17.2 . nvd.nist.gov WebKit sandbox escape (CVE-2025-24201) —patched in iOS 18.3.2 as a supplementary fix to earlier targeted attacks. nvd.nist.gov Also patched & widely discussed: USB Restricted Mode bypass (CVE-2025-24200) —fixed in iOS 18.3.1 after reports of real-world, highly targeted use. Apple Support +2 blog.quarkslab.com +2 Chrome ANGLE/GPU 0-day (CVE-2025-6558) —Apple shipped related WebKit/Safari updates; no confirmed in-the-wild Safari exploitation as of the time of writing. Apple Support +1 What to do right now: Update to the latest iOS security patch (18.6.x stream) a...