Google and Apple roll out emergency security updates after zero-day attacks

Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users. On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the bugs was being actively exploited by hackers before the company had time to patch it. Unusually for Google, the company provided no further details at the time. But on Friday, Google updated the page to say that the bug was discovered by Apple’s security engineering team and Google’s Threat Analysis Group, whose security researchers primarily track government hackers and mercenary spyware makers, indicating that the hacking campaign may have been orchestrated by government-backed hackers. At the same time, Apple released security updates for its flagship products, including iPhones, iPads, Macs, Vision Pro, Apple TV, Apple Watches, and its Safari browser. According to the security advisory for iPhones and iPads, Apple patched two bugs and the company said it was aware “that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals” running devices prior to iOS 26. That language is Apple’s typical way of saying that it knows some of its customers and users were targeted by hackers exploiting zero-days, meaning flaws that at the time of exploitation are unknown to the software makers. Often, these are cases where government hackers used hacking tools and spyware made by companies such as NSO Group or Paragon Solutions to target journalists, dissidents, and human rights activists. Apple and Google did not immediately respond to a request for comment. Topics Apple, Google, Google Threat Analysis Group, hackers, hacking, iOS, iPadOS, Security, Spyware, Zero-days Lorenzo Franceschi-Bicchierai Senior Reporter, Cybersecurity Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy. You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.

View Bio Dates TBD Locations TBA Plan ahead for the 2026 StrictlyVC events. Hear straight-from-the-source candid insights in on-stage fireside sessions and meet the builders and backers shaping the industry. Join the waitlist to get first access to the lowest-priced tickets and important updates.

Waitlist Now Most Popular Google launched its deepest AI research agent yet — on the same day OpenAI dropped GPT-5.2 Julie Bort Disney hits Google with cease-and-desist claiming ‘massive’ copyright infringement Aisha Malik OpenAI fires back at Google with GPT-5.2 after ‘code red’ memo Rebecca Bellan Marco Rubio bans Calibri font at State Department for being too DEI Julie Bort SpaceX reportedly planning 2026 IPO with $1.5T valuation target Sean O'Kane Claude Code is coming to Slack, and that’s a bigger deal than it sounds Rebecca Bellan Creator IShowSpeed sued for allegedly punching, choking viral humanoid Rizzbot Dominic-Madori Davis