Apple released a security update Tuesday addressing CVE-2025-24201, a zero-day WebKit vulnerability exploited in “extremely sophisticated” targeted attacks. This out-of-bounds write issue could allow attackers using malicious web content to escape the Web Content sandbox. The update, available for iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, and visionOS 2.3.2, is a supplementary fix for an attack previously blocked in iOS 17.2. This represents Apple’s third zero-day vulnerability patched in 2025.