News Brief

Apple Releases Security Update for Suspicious Vulnerability Exploited in Sophisticated Attack

Specific Attacks Targeted Individuals, Details Remain Unpublished

Apple has released a security update to address a vulnerability that the tech giant reports may have been exploited in an "extremely sophisticated attack." The attacks targeted specific individuals, although Apple has not provided any further information about the victims or the nature of the attacks.

Vulnerability Details

The vulnerability, tracked as CVE-2025-24200, could allow for a physical attack to disable USB Restricted Mode on a locked device. This feature, USB Restricted Mode, makes it more difficult for threat actors to unlock a user’s phone. When active, a phone’s lightning port will only allow charging after the device has been locked for more than an hour. This limits the ability of unauthorized actors to access a locked iPhone’s data, requiring them to have the necessary credentials to do so.

Available for iPhone and iPad Devices

The security update to fix this vulnerability is available for iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch third generation and later, iPad Pro 11-inch first generation and later, iPad Air third generation and later, iPad seventh generation and later, and iPad mini fifth generation and later. Users of these devices should install updates as soon as possible and can check if they’re updated to the latest software version by going to their settings.

Concerns and Precautions

These kinds of vulnerabilities are typically deployed by commercial spyware vendors, such as Pegasus, to target particular individuals. Although the average user shouldn’t be concerned about being targeted while the details of the attack remain unpublished, if they are published, copycat cybercriminals will try to imitate this attack vector. Therefore, updating to the latest version is crucial to maintain device security.