Apple says Mac users targeted in zero-day cyber attacks: Here's how to stay safe

macOS vulnerability: Apple has released a security update for all its Macs to fix two zero-day vulnerabilities, which it says have been exploited in wild by malicious hackers. 
company, in its official visory, wrote that it has released macOS Sequoia 15.11 security update for its Macs and MacBooks. This update fixes two criticial vulnerabilities with ID -- CVE-2024-44308 and CVE-2024-44309 -- that were identified by members of Google's Threat Analysis Group. se vulnerabilities affect company's Intel-based Macs and have been actively exploited by hackers.

"Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems," company wrote in its visory.

Why should Mac users care about Apple's visory?

As mentioned before, update includes fixes to two bugs. first bug affects JavaScriptCore component of macOS and it can be used by hackers to execute an arbitrary code simply by user processing a maliciously crafted web content.

second bug affects WebKit component of macOS and it can be used by hackers to le a cross site scripting attack. For unversed, a cross site scripting attack is a cyber attack wherein cyber criminals can run a malicious piece of code on a user's device when y visit a genuine website. This attack can be used by hackers to take a user's identity and perform actions on ir behalf, access cookies, session tokens, and or sensitive data, and rewrite HTML content on a web page.

How can Mac users safeguard mselves?

Users can safeguard mselves by downloing most recent security update released on ir Macs by Apple. Here is a step-by-step guide for downloing update:

Step 1: From Apple Menu on top of scree, select System Settings.

Step 2: General Settings option in sidebar that opens.

Step 3: Software Update option on right.

Step 4: on Update Now option.

Step 5: Before installation begins, users may be asked to enter ir ministrator password. Enter password to continue with process.