Apple fixes three zero-days, one abused by XCSSET macOS malware

Apple has released security updates to patch three macOS and tvOS zero-day vulnerabilities that attackers exploited in the wild, with the macOS flaw being abused by the XCSSET malware to bypass macOS privacy protections.
In all three cases, Apple said that it is aware of reports that the security issues "may have been actively exploited," but it didn't provide details on the attacks or threat actors who may have exploited the zero-days.
Two of the three zero-days impact WebKit on Apple TV 4K and Apple TV HD devices.
While Apple didn't provide any details on how the three zero-days were abused in attacks, Jamf researchers discovered that the macOS zero-day patched today was used by the XCSSET malware to circumvent Apple's TCC protections designed to safeguard users' privacy.
The Shlayer malware used the macOS zero-day patched in April to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks as an easy way to download and install second-stage malicious payloads.
Update: Added info on the XCSSET malware using the macOS zero-day, updated title.