Apple Rushes Zero-Day Fix With Direct Risk to Crypto Users

We may earn commissions from affiliate links or include sponsored content, clearly labeled as such. These partnerships do not influence our editorial independence or the accuracy of our reporting. By continuing to use the site you agree to our terms and conditions and privacy policy.

Article Details
Written by
Kosta Gushterov
Last Updated: Aug 22, 2025
Time to Read: 2 min

Apple has rolled out urgent security updates across iOS, iPadOS, and macOS, patching a zero-day vulnerability already being exploited in the wild.

The bug, tracked as CVE-2025-43300, affects the ImageIO framework, a system component that handles image processing across apps.

Zero-day in everyday images

According to Apple, a maliciously crafted image could trigger memory corruption and allow attackers to execute arbitrary code. Because ImageIO underpins standard tasks, such as viewing photos in messages, emails, or browsers, the attack vector is particularly accessible. Security analysts flagged the flaw as part of a highly targeted campaign against individuals. Apple addressed the issue by strengthening bounds checks in ImageIO.

Why crypto users should care

While the vulnerability is broad, it poses unique risks to cryptocurrency holders. Many users store sensitive information in images, screenshots of seed phrases, photos of recovery words, or even QR codes of wallet addresses. If compromised, such data provides attackers direct access to funds.

The danger is not theoretical. Research in 2025 documented mobile spyware families designed to scan device photo galleries with optical character recognition (OCR) to extract recovery phrases. Security firm Kaspersky highlighted examples like SparkCat and its successor SparkKitty, which were observed exfiltrating seed phrase images on both iOS and Android, even through apps distributed via official app stores. Clipboard hijacking, where malware swaps wallet addresses during transactions, remains another well-documented tactic.

Read More:

Fed Minutes Reveal Growing Focus on Stablecoins Under New U.S. Law

Updates now available

Apple’s emergency patches cover:

iOS 18.6.2 / iPadOS 18.6.2
macOS Sequoia 15.6.1
macOS Sonoma 14.7.8
macOS Ventura 13.7.8

Users are strongly advised to update immediately, especially those managing crypto wallets on mobile devices. Given the attack’s confirmed in-the-wild exploitation, delaying could expose personal assets to theft.

Source

#crypto
Leave Reaction
Share Article
Kosta Gushterov
Kosta has been working in the crypto industry for over 4 years. He strives to present different perspectives on a given topic and enjoys the sector for its transparency and dynamism. In his work, he focuses on balanced coverage of events and developments in the crypto space, providing information to his readers from a neutral perspective.
About Author
Kosta Gushterov
2047 articles Since 2022
comment-icon Commentaries
Add your comment

Fill in necessary fields and publish

Related Articles
хакер
How Hacks Destroy Crypto Projects Long After Funds Are Recovered
Jan 18, 2026, Alexander Zdravkov
hacker
How a Single Approval Led to a $282 Million Crypto Loss
Jan 17, 2026, Alexander Zdravkov
Ledger Breach Underscores Persistent Security Gaps Beyond the Blockchain
Jan 5, 2026, Alexander Zdravkov
Trust Wallet Breach Exposes Risks in Browser Extension Security
Dec 26, 2025, Alexander Zdravkov
Legal Battle Reignites Over Who Benefited From Terra’s Rise and Fall
Dec 19, 2025, Alexander Zdravkov
Massive European Crackdown Uncovers Industrial-Scale Investment Scam
Dec 5, 2025, Alexander Zdravkov
China Claims U.S. Seized Billions in Bitcoin From 2020 LuBian Hack
Nov 11, 2025, Alexander Stefanov
European Ponzi Scheme Unraveled: Madeira Invest Club’s €260M Crypto Fraud Leads to Arrest
Nov 9, 2025, Alexander Zdravkov
nexo
Prosecutors Push for Maximum Sentences in Samourai Wallet Money-Laundering Case
Nov 4, 2025, Alexander Zdravkov
$128M Exploit Puts Spotlight Back on DeFi Security Flaws
Nov 3, 2025, Alexander Zdravkov