Apple has released emergency updates (iOS 18.6.2, iPadOS 18.6.2, and macOS) to address a critical security vulnerability, CVE-2025-43300, actively being exploited in real-world attacks. The flaw in ImageIO allows hackers to gain full device access simply by sending a malicious image, without user interaction.

• The vulnerability, tracked as CVE-2025-43300, is reportedly exploited by sending a malicious image file.
• Apple confirmed the bug allows arbitrary code execution and privilege escalation, potentially installing spyware.
• High-net-worth individuals, particularly in the crypto world, have already been targeted.