Apple Patches Zero-Day Flaw Used in 'Sophisticated' Attack - Dark Reading

VULNERABILITIES & THREATS ENDPOINT SECURITY CYBERATTACKS & DATA BREACHES APPLICATION SECURITY NEWS Apple Patches Zero-Day Flaw Used in 'Sophisticated' Attack CVE-2025-43300 is the latest zero-day bug used in cyberattacks against "targeted individuals," which could signify spyware or nation-state hacking. Rob Wright,Senior News Director,Dark Reading August 22, 2025 2 Min Read SOURCE: WACHIWIT VIA ALAMY STOCK PHOTO Apple on Aug. 20 patched a zero-day flaw in its ImageIO framework — the latest in a series of zero-day vulnerabilities disclosed by the company this year.  The vulnerability, tracked as CVE-2025-43300, is an out-of-bounds write issue. The company said the vuln was exploited in "extremely sophisticated" targeted attack. "Processing a malicious image file may result in memory corruption," Apple's security advisory stated. "Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals." The flaw affects iOS, iPadOS, and macOS, and it has been addressed with improved bounds checking in the latest versions of the operating systems, according to Apple. The vulnerability was discovered by Apple employees. As is its custom, Apple provided no further technical details of the vulnerability or insights into the exploitation activity beyond characterizing the cyberattacks as sophisticated. The tech giant began using such terminology in some advisories this year, presumably to signify nation-state threats and spyware activity. Related:Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos For example, in February, Apple disclosed CVE-2025-24200, a zero-day flaw that allows unauthorized users to disable the company's USB Restricted Mode. As with CVE-2025-43300's advisory, Apple said the vulnerability may have been exploited in an "extremely sophisticated" attack and credited Bill Marczak of the Citizen Lab at the University of Toronto's Munk School, which focuses on commercial spyware activity, with the discovery. In April, Apple patched another zero-day flaw tracked as CVE-2025-43200, which stemmed from a logic issue in processing a maliciously crafted image or video shared through an iCloud link. In June, the Citizen Lab revealed that the vulnerability had been used in a zero-click iOS exploit from Paragon Solutions, a commercial spyware vendor. Citizen Lab researchers said the spyware attacks targeted two journalists. Spyware Hack While CVE-2025-43300 was discovered internally by Apple, a previous ImageIO flaw was weaponized by the notorious spyware maker NSO Group in 2023. The Citizen Lab discovered CVE-2023-41064, a heap buffer overflow vulnerability, in a spyware attack on a civil society organization in Washington, DC. About the Author Rob Wright Senior News Director, Dark Reading Rob Wright is a longtime reporter with more than 25 years of experience as a technology journalist. Prior to joining Dark Reading as senior news director, he spent more than a decade at TechTarget's SearchSecurity in various roles, including senior news director, executive editor and editorial director. Before that, he worked for several years at CRN, Tom's Hardware Guide, and VARBusiness Magazine covering a variety of technology beats and trends. Prior to becoming a technology journalist in 2000, he worked as a weekly and daily newspaper reporter in Virginia, where he won three Virginia Press Association awards in 1998 and 1999. He graduated from the University of Richmond in 1997 with a degree in journalism and English. A native of Massachusetts, he lives in the Boston area.  More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Cybersecurity Forecast 2026 The ROI of AI in Security ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like VULNERABILITIES & THREATS Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs by Jai Vijayan, Contributing Writer NOV 11, 2025 VULNERABILITIES & THREATS 350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE by Nate Nelson, Contributing Writer JUL 11, 2025 VULNERABILITIES & THREATS AI Agents Fail in Novel Ways, Put Businesses at Risk by Robert Lemos, Contributing Writer MAY 07, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Editor's Choice CYBERSECURITY OPERATIONS Why Stryker's Outage Is a Disaster Recovery Wake-Up Call byJai Vijayan MAR 12, 2026 5 MIN READ APPLICATION SECURITY Microsoft Patches 83 CVEs in March Update byJai Vijayan MAR 11, 2026 4 MIN READ THREAT INTELLIGENCE Commercial Spyware Opponents Fear US Policy Shifting byRob Wright MAR 12, 2026 9 MIN READ Want more Dark Reading stories in your Google search results? 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Powered Threat Detection: Beyond Traditional Security Models WED, MARCH 25, 2026 AT 1PM EST More Webinars White Papers Autonomous Pentesting at Machine Speed, Without False Positives Fixing Organizations' Identity Security Posture Best practices for incident response planning Industry Report: AI, SOC, and Modernizing Cybersecurity The Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks. Explore More White Papers GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 BOOK YOUR SPACE