iOS 18.6 Patches Zero-Day Flaw Exploited In Chrome Attacks

With iOS 18.6 finally available, Apple didn't give iPhone users many reasons to upgrade ahead of the major iOS 26 release expected for later this fall. After all, alongside the usual "bug fixes and security improvements," the company said that iOS 18.6 fixed a "rare" issue that was preventing users from sharing video memories from the Photos app.

While some people prefer not to upgrade their iPhone software due to the myth that it makes their devices slower or permanently impacts their battery life, bad release notes can also be harmful when they don't provide the most pertinent details about the update. In this case, Apple has also patched a major security flaw that has been exploited in Google Chrome zero-day attacks.

With that said, not updating your iPhone to iOS 18.6 (or to the latest iOS 26 betas) means you could face a major security breach that might allow hackers to run malware on your device, steal data, or spy on your activity.

As spotted by Bleeping Computer, this high-severity vulnerability was addressed by Apple as CVE-2025-6558. The vulnerability in the Chrome browser's GPU opened the door to being attacked by just visiting a hacked website, as the attackers would be able to run a code on your Mac or iPhone and bypass the protections that normally keep the browser safe.

With that in mind, hackers could easily run malware on your device to steal your passwords, deploy ransomware to lock your files, and even use your computer for crypto-mining or botnet attacks.

This zero-day flaw could even intercept your clipboard when you're copying over important personal details or credit card numbers, or record from your webcam or microphone. That said, this threat indeed means you need to update your iPhone and Mac to iOS 18.6 and macOS 15.6 as soon as you're able to do so, as these attacks could be performed even if you're tech savvy and always on the lookout for scams.