Apple released urgent security updates addressing two actively exploited vulnerabilities: CVE-2025-31200, a memory corruption flaw in Core Audio allowing code execution via malicious audio files, and CVE-2025-31201, an RPAC flaw enabling bypass of Pointer Authentication with arbitrary read/write access. Both were used in sophisticated targeted attacks against specific iOS users. Apple credited its internal team and Google TAG for discovery. Users of iOS, macOS, tvOS, and visionOS devices are urged to update immediately.
Expert Analysis:
The frequency of critical vulnerabilities this year shows that attackers continue to outpace traditional patch cycles. Staying updated is no longer advice.
It is a necessity.
Read the full article here.
