<div id="readability-page-1"><div id="body"> <p>Apple and Google have both issued emergency patches after zero-day bugs were caught being actively exploited in what the companies describe as &#34;sophisticated&#34; real-world attacks.</p> <p>Over the past few days, the two tech giants have rushed updates out the door to close vulnerabilities that attackers were already abusing against an unspecified number of targets, once again forcing users to patch first and ask questions later.</p> <p>Apple pushed fresh security updates across much of its ecosystem, including iPhones, iPads and Macs, fixing a pair of bugs in WebKit that it says may have been abused in an &#34;extremely sophisticated attack against specific targeted individuals.&#34; As usual, Cupertino was light on technical detail, offering little more than a warning that the exploits were real and already in circulation.</p>  <p>Google, meanwhile, shipped a Chrome stable channel update addressing multiple security flaws, including at least one zero-day that had already been exploited before a fix was available. The high-risk bug, tracked as CVE-2025-14174, was described as an out-of-bounds memory access vulnerability, with Google acknowledging it was aware of an exploit in the wild.</p> <ul> <li>700+ self-hosted Gits battered in 0-day attacks with no fix imminent</li> <li>Cloudflare blames Friday outage on borked fix for React2shell vuln</li> <li>Two Android 0-day bugs disclosed and fixed, plus 105 more to patch</li> <li>Google Chrome bug exploited as an 0-day - patch now or risk full system compromise</li> <li>Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack</li> </ul> <p>Google quietly fixed the Chrome bug last Wednesday, but said the vulnerability was still &#34;under coordination&#34;. The Chocolate Factory updated its patch notes after Apple disclosed its own findings, revealing the overlap between the two companies' investigations.</p> <p>Neither company has spilled many technical details, but Google credits the discovery of CVE-2025-14174 to Apple's security engineering team and Google's Threat Analysis Group – a unit better known for tracking mercenary spyware vendors and state-backed intrusion campaigns than for chasing everyday malware. That attribution strongly hints this was spyware-grade exploitation rather than opportunistic drive-by hacking.</p>  <p>The flurry of fixes adds to a growing zero-day tally for both firms. With these latest updates, Apple has now patched nine vulnerabilities exploited in the wild so far in 2025, while Google has been forced to tackle eight Chrome zero-days this year, a pace that suggests attackers continue to prize browsers and mobile platforms as some of the most lucrative real estate around. ®</p>  </div></div>

GGLS

GGLL

AAPB

AAPD

AAPU

AAPX

AAPY

APLY

<p>Apple and Google issued emergency patches for zero-day vulnerabilities actively exploited in sophisticated attacks. Apple updated security across iPhones, iPads, and Macs, addressing WebKit bugs. Google released a Chrome update for multiple security flaws, including CVE-2025-14174. Both companies provided limited technical details, but the discovery hints at spyware-grade exploitation. Apple has patched nine zero-day vulnerabilities in 2025, while Google tackled eight Chrome zero-days, highlighting the ongoing threat to browsers and mobile platforms.</p>

Apple and Google forced into emergency patching 0-day