Security News > 2021 > September > Apple patches new zero-day bug used to hack iPhones and Macs
Apple has released security updates to fix a zero-day vulnerability exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions.
The zero-day patched today [1, 2] was found in the XNU operating system kernel and was reported by Erye Hernandez and Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero.
"Apple is aware of a report that this issue may have been actively exploited," Apple said when describing the zero-day bug.
Apple also backported security updates for two previously patched zero-days, one of them reported by The Citizen Lab and used to deploy NSO Pegasus spyware on hacked devices.
Two zero-days earlier this month, one of them used also used to install Pegasus spyware on iPhones,.
Two iOS zero-day bugs in June that "May have been actively exploited" to hack into older iPhone, iPad, and iPod devices.
News URL
Related news
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers (source)