Apple, Google Issue Emergency Zero-Day Security Updates

Tech giants Apple and Google have swiftly rolled out emergency security updates across their flagship products, including iPhones, iPads, Macs, and the Chrome browser. These critical patches address multiple zero-day vulnerabilities that were actively exploited in sophisticated hacking campaigns, potentially targeting specific individuals.

Google Patches Chrome Zero-Day

On Wednesday, Google released patches for several security bugs in its Chrome browser. The company confirmed that one of these vulnerabilities was being actively exploited by attackers before a patch could be developed.

Initially, Google provided limited details, a rare occurrence for the company. However, an update to their advisory on Friday revealed that the exploited bug was co-discovered by Apple’s security engineering team and Google’s Threat Analysis Group. This collaboration, particularly involving Google’s Threat Analysis Group — known for tracking government hackers and mercenary spyware makers — suggests the hacking campaign might have been orchestrated by state-sponsored actors.

Apple Addresses Multiple Zero-Days Across Devices

Concurrently, Apple issued its own set of critical security updates for a wide array of its products. These include iPhones, iPads, Macs, Vision Pro, Apple TV, Apple Watches, and the Safari browser.

According to Apple's security advisory for iPhones and iPads, two bugs were patched. The company stated it was aware "that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals" running devices prior to iOS 26.

This phrasing is Apple’s typical way of indicating that some users were targeted by hackers exploiting zero-day vulnerabilities — flaws unknown to software makers at the time of exploitation. Such cases often involve government hackers utilizing sophisticated hacking tools and spyware from companies like NSO Group or Paragon Solutions, frequently targeting journalists, dissidents, and human rights activists.

Both Apple and Google did not immediately respond to requests for comment regarding these security incidents.