macOS and iOS Vulnerabilities Actively Exploited, Apple Rolls Out Critical Security Fixes

Apple has released urgent security updates for macOS and iOS to fix two zero-day vulnerabilities that are being actively exploited.

The flaws, discovered by Google’s Threat Analysis Group (TAG), affect Intel-based macOS systems and involve the processing of malicious web content.

The vulnerabilities are identified as CVE-2024-44308 (JavaScriptCore) and CVE-2024-44309 (WebKit), both of which could allow arbitrary code execution or cross-site scripting attacks.

Apple has urged all users to apply the latest updates: iOS 18.1.1, macOS Sequoia 15.1.1, and iOS 17.7.2.

This comes after a recent malware campaign targeting macOS users, believed to be carried out by North Korean hackers.