Apple's latest iPhone update fixes two zero-day security flaws exploited in targeted attacks

In a nutshell: Apple released iOS 18.4.1 this week with patches for two critical iPhone security flaws, both of which were being exploited in the wild. The update also contains important bug fixes, including one for an annoying CarPlay glitch that caused random connection issues and other problems. The first security vulnerability addressed in the latest update is in CoreAudio, tracked as CVE-2025-31200. According to Apple's security bulletin, it allowed for malicious code execution when processing an audio stream from an infected media file. The vulnerability is described as a memory corruption issue that was fixed with improved bounds checking. Apple says it has received reports that this bug was exploited in an "extremely sophisticated attack against specific targeted individuals on iOS," but did not divulge further details or how it was exploited to target unsuspecting users. The vulnerability was detected by Apple and the Google Threat Analysis Group. The second security flaw, ... Read full article.