Government agencies have been urged to address the high-severity bug by September 11th.
Attacks involving an Apple zero-day flaw are impacting several iPhone, iPad, and MacBook models.
Tracked as CVE-2025-43300, have prompted the inclusion of the security issue in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, reports The Record.
Following an Apple report detailing the use of the vulnerability in an "extremely sophisticated" and highly targeted cyber-attack, all federal civilian executive branch agencies have been urged to address the high-severity bug by September 11th.
While additional details regarding its exploitation have not been provided by Apple, such a flaw was noted by Qualys researchers to involve the ImageIO framework used by Apple for image processing across its operating systems.
"This is a zero-click exploit that requires no user interaction, and can be triggered simply by processing a maliciously crafted image file, which could be delivered through various channels including messages, emails, or web content," added Qualys security research manager Mayuresh Dani.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
