Feds Warn iPhone And Android Users, Zero Day Attacks Confirmed

Feds war zero day

Dangerous December continues. The U.S. government has just warned iPhone (and other Apple product) users to update all devices now, with attacks already underway. Samsung, Pixel and other Android users have already received a similar alert.
The latest warning from America’s cyber defense agency says that CVE-2025-43529, affecting iOS and other Apple products “is a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption.” This impacts Safari and non-Apple browsers and apps using WebKit.

When it updated its products and warned attacks were underway, Apple confirmed CVE-2025-14174 is also under attack. This vulnerability was already the subject of a CISA warning for all Google Chrome and other Chromium browsers users.
America’s cyber defense agency warns “Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page.” You can see the pattern.

Mullvad Ad

Dangerous December was kicked off by Google warning Android is under attack. And Google’s OS has two CISA warnings of its own. CVE-2025-48572 and CVE-2025-48633 are privilege escalation and information disclosure threats to Android’s framework.
This is all being driven by mercenary, commercial spyware. This begins with targeted attacks on specific users, many of whom have been warned directly by Apple and Google. But it doesn’t stop there. "It will quickly become a must have exploit for a range of threat actors,” says James Maude from BeyondTrust.

CISA Binding Operational Directive (BOD) makes it mandatory for federal staff to update or stop using affected devices. The Android deadline is Dec. 23. The Chrome deadline is Jan. 2. And the iPhone and other Apple device deadline is Jan. 5.
CISA says that although its BOD only applies to federal agencies, it “strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of (Known Exploit) Catalog vulnerabilities.”

The Societal News Team updated 28DEC2025

eu ukriane russia

Economic Motivations for the EU Engaging in a Sustained Conflict with Russia

rise of onlfys fall of America

Pornography, OnlyFans, and the Unraveling of the American Empire

Ai data Center

The AI Investment Tsunami: Unpacking the Trillions Pouring into LLMs