Is Apple failing to protect users? Zero-Click vulnerability puts iPhones, iPads, Macs and Crypto wallets at risk

Apple software update: Apple devices were at threat as a critical security vulnerability would have allowed hackers to gain control of iPhones, iPads, and Macs without users even clicking a link, as per a report. However, the tech giant has issued an alert to Apple users, urging them to update their devices to address the zero-click vulnerability, which could have been direct threat to crypto users, as per The Street report.

iPhones, iPads, and Macs Were at Risk Without User Action

The main issue was releated to the way Apple devices process images, which led to a dangerous opening for attackers to get access and steal sensitive data, like cryptocurrency wallets, according to a Tip Ranks report.

The bug was found in the Apple’s Image I/O framework, which lets applications to handle a wide range of image file types, as per the report. By exploiting this vulnerability, attackers had the potential to trigger memory corruption through a maliciously crafted image file, that could enable arbitrary code execution without any user interaction, as reported by AInvest.

ALSO READ: Are Apple, OpenAI, Google, Meta, and Amazon plotting to take down state AI regulations?

Critical iPhone, iPad, and Mac Security Bug Put Crypto Wallets At Risk

This vulnerability is more worrying for cryptocurrency users, as it could let attackers access sensitive information like wallet keys and login credentials, according to the repirt. What makes it so dangerous is that it's a zero-click exploit, that means a user does not have to tap, open, or download anything, just receiving a malicious image through iMessage or another messaging app could be enough for the attack to happen, completely bypassing normal security protections, as reported by AInvest.

Security experts explained that risk was high for crypto holders because unlike stolen credit cards or bank details, stolen digital assets cannot be reversed once they are transferred, which makes cryptocurrency users prime targets, as per the Tip Ranks report.

CEO of cybersecurity firm Coinspect, Juliano Rizzo, explained how the attack worked, saying, “This is a zero-click vulnerability that does not require user interaction, and an attachment delivered via iMessage can be processed automatically and lead to device compromise,” as quoted by Tip Ranks.

ALSO READ: After Microsoft and Intel, now Cisco to layoff staff in its Bay Area office - here are the departments affected

Apple Fixes Critical Zero-Click Vulnerability

The tech giant said in an advisory on Thursday that the issue had been fixed in the the firm's latest software updates across its ecosyste, including, iOS, iPadOS, and macOS, as per the report. Apple has fixed the issue by releasing iOS 18.6.2, iPadOS 18.6.2, and corresponding updates for macOS systems, as reported by AInvest.

While Apple did not disclosed the identities of the attackers or the full scope of the breach, but warned that the bug had already been linked to “an extremely sophisticated attack against specific targeted individuals,” as per the AInvest report.

Apple Urges All Users to Update Devices Immediately

Apple also advised its users to update their devices immediately through the Software Update section in their device settings to mitigate the risk, according to the report.

ALSO READ: DeepSeek unveils GPT-5 challenger — cheaper, faster, and built for China’s chips

FAQs

What is a zero-click vulnerability?
It’s a security flaw that doesn’t require the user to click or do anything, attackers can exploit it just by sending a malicious file, like an image, as per the AInvest report.

Has Apple fixed the issue?
Yes, Apple has released updates to patch the vulnerability across iOS, iPadOS, and macOS, as per the AInvest report