Security News > 2022 > May > Apple emergency update fixes zero-day used to hack Macs, Watches
Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices.
In security advisories issued on Monday, Apple revealed that they're aware of reports this security bug "May have been actively exploited."
The list of impacted devices includes Apple Watch Series 3 or later and Macs running macOS Big Sur.
By withholding information, the company is likely aiming to allow the security updates to reach as many Apple Watches and Macs as possible before attackers pick up on the zero-day's details and start deploying exploits in other attacks.
In January, Apple patched two other zero-days exploited in the wild to let attackers gain arbitrary code execution with kernel privileges and track web browsing activity and user identities in real-time.
One month later, Apple released security updates to patch a new zero-day bug exploited to hack iPhones, iPads, and Macs, which leads to OS crashes and remote code execution on compromised Apple devices.
News URL
Related news
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) (source)