Apple releases critical security updates to patch Chrome zero-day vulnerability

Apple has rolled out an urgent security patch fro iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, and other operating systems to address a critical zero-day vulnerability that has been actively exploited in attacks targeting Google Chrome users. The flaw identified as CVE-2025-6558 enable remote hackers to execute an arbitrary code via crafted HTML pages enabling them to bypass browser’s security sandbox. As reported by Bleeping Computers, the vulnerability stems from an insufficient validation of untrusted input within the ANGLE (Almost Native Graphics Layer Engine) and GPU components, which are shared open-source graphics abstraction layers.

Google’s Threat Analysis Group (TAG) discovered the flaw in June and reported it to the Chrome team, who patched it on July 15, confirming active exploitation in the wild.