• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

0

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Apple users should be sure to update their devices to iOS 18.6, particularly if they’re also Chrome users, as the latest software version includes a security patch that addresses a high-severity exploit that has been targeting the browser in zero-day attacks.

As reported by Bleeping Computer, the zero-day flaw in question (tracked as CVE-2025-6558) involves an incorrect validation of untrusted input in an open-source graphics abstraction layer.

It then processes GPU commands and translates API calls, which enables remote attackers to execute arbitrary code within the browser’s GPU process via specially crafted HTML pages. This could potentially allow them to escape the sandbox that isolates browser processes from the underlying operating system.

All this to say that, according to BGR, if you don’t update Chrome, you could be opening yourself up to being attacked just by visiting a malicious website. Attackers could run code on your device and bypass the protections that normally keep your browser safe and from there perform other malicious activities like running malware on your phone, stealing passwords, deploying ransomware or botnets or recording clipboard or webcam views.

The flaw was discovered in June by the Google TAG team and reported to Chrome, who patched it in July and tagged it as actively exploited. As per usual, Google has yet to provide much additional information about the attacks. However, it is well-known that TAG is often responsible for discovering flaws that are exploited by government-sponsored threat actors in targeted campaigns.

Apple released WebKit security updates on Tuesday that addressed the vulnerability, which affects iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, tvOS 18.6, visionOS 2.6, watchOS 11.6.

In its security statement, Apple said that “Processing maliciously crafted web content may lead to an unexpected Safari crash.” CISA (Cybersecurity and Infrastructure Security Agency) added this security bug to its catalog of vulnerabilities known to be exploited in attacks on July 22, requiring federal agencies patch their software by August 12th.

Updating your phone, computer and of course, your browser, is something you should be doing regularly and a zero-day flaw like this one which could be exploited by hackers in their attacks is exactly the reason why.

Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.

More from Tom's Guide

• More than 250 malicious apps are spreading info-stealing malware on Android and iOS — delete these right now
• 12 signs your phone has been hacked — and what to do next
• Apple just announced 5 big upgrades to protect your kids online — here's what's coming