Apple released security updates Monday to address software defects in the latest version of the company’s Safari browser and other applications across iOS, iPadOS and macOS. 

The security issues addressed across the latest versions of Apple’s most popular platforms include 62 vulnerabilities affecting iOS 18.4 and iPadOS 18.4, 131 vulnerabilities affecting macOS Sequoia 15.4 and 14 vulnerabilities affecting Safari 18.4.

The batch of software defects addressed by Apple includes CVE-2025-24221, which could make sensitive keychain data accessible from an iOS backup, and CVE-2025-24245, which could allow an attacker to use a malicious application to access a user’s saved passwords in macOS.

Apple also released security updates in older versions of its operating systems to address two actively exploited zero-day vulnerabilities it identified and released emergency software patches for March 11. 

A zero-day vulnerability in the company’s WebKit web browser engine, tracked as CVE-2025-24201, can allow an attacker to break out of WebKit’s Web Content sandbox and potentially conduct unauthorized actions. The second zero-day, CVE-2025-24200, can allow an attacker with physical access to disable USB Restricted Mode on a locked device.

Apple said both zero-days were actively exploited in an “extremely sophisticated attack against specific target individuals.” Apple released security updates Monday to address the zero-days in iOS 15.8.4 and 16.7.11, and iPadOS 15.8.4 and 16.7.11, versions of the company’s operating systems that power previous generation iPhones and iPads.

More information about Apple’s latest security updates are available on its website.

The post Apple issues fixes for vulnerabilities in both old and new OS versions appeared first on CyberScoop.

Take a moment to list all the digital accounts you've signed up for, and it's probably more than you realized: email, social media, banking, streaming services, cloud storage, music, gaming, and fitness...it adds up. But using the same login credentials for every service is a bad idea, and if you reuse passwords across accounts, let me summarize the simplest advice you should take away from this article: You shouldn't. But, of course, it's nearly impossible to remember as many unique usernames and secure passwords as you need for your various accounts. That's where password managers come in.

Password managers hide your various login credentials behind one main username and password so that logging into the password manager gives you access to everything else. It's a secure alternative to writing your passwords down or saving them in a spreadsheet, and more reliable than your memory. They can often store other data, too—think credit card numbers, PIN codes, and authenticator keys—and may also give you extra features like scanning data breaches for your credentials. If you've yet to switch to a password manager, consider this a sign to get started. It can be intimidating at first, but getting started may be easier than you think.

Some of the most important password manager features

Password managers are all slightly different, but you'll find many of the same features across brands. First and foremost, they store your passwords—often popping up inside web browsers and on phones whenever you need to log into an account—and provide you with your login credentials with one click or tap. As sign-in technologies have evolved, though, so have password managers. Many can now also help with two-factor authentication codes and passkeys for websites or apps that need more than just a username and password. At the same time, these password managers are secured with a main username and password you need to remember—and often with biometric authentication, too.

The best password managers work seamlessly across devices. Credit: NordPass

Most password managers will also suggest strong passwords for new accounts: Passwords that mix up random special characters, letters, and numbers, so they're extremely difficult to hack. With a password manager, you don't actually need to know what your passwords are—the program handles everything. You'll often see password managers offer additional security features as well, ranging from notifying you of duplicate passwords, to dark web monitoring for your email addresses, usernames, or passwords. If your login details appear in a data breach, you get an alert about it, and you can change them.

How password managers secure your data

You might wonder how password managers make sure your passwords are securely and privately locked away. Details vary between software packages, but they'll invariably use end-to-end encryption, with your main password as the decryption key, meaning that means no one else—from hackers to password manager developers to government agencies—can access your details without that password. Additional security measures are often implemented as well. Take 1Password as an example: It uses PBKDF2 (Password-Based Key Derivation Function 2) key strengthening, which, in simple terms, means that passwords are obscure enough that it would take decades to crack. It also gives users a secret key, known only to them, that works as an extra security layer on top of your password.

A host of encryption and other security layers are applied to your password vault. Credit: LastPass

In other words, you can't just use your pet's name as your password manager password. Extra security layers, including two-factor authentication and biometric scans, are often added too. Where your credentials need to be synced across multiple devices, strong encryption protocols are again deployed. Without your password, the data is useless, and only you know your password.

Most password managers now combine local and cloud storage options, because we all need our passwords on so many devices. However, it's worth bearing in mind that the fewer places you have your password manager installed, the less chance there is of someone else gaining access to it—so some users just keep their password manager on their phone.

Why you should use a password manager

Simply put, using a password manager is a whole lot more secure than other options, like listing them in a Google Doc. Say, for example, that you left your laptop unlocked and someone sat down at it. With a Google Doc, that person would be more likely to access your password document than they would a password manager where they would need extra security clearance.

Apple and Google have their own password manager options. Credit: Lifehacker

The free offerings from Google and Apple have improved significantly in recent years, but they still don't quite offer the level of protection, breadth of features, and cross-platform support of the best dedicated password managers. One example: In the case of Google Password Manager, on-device encryption (meaning that you manage the decryption key locally, as with a password manager, rather than Google managing it) remains an optional extra that you have to enable, rather than enabled by default.

Given the protection and features that come with dedicated password managers, it's typically worth most people investing in one. Some software packages offer a free tier, but they may be limited in terms of the features you get and the number of devices you can use them on. You can expect to pay a few bucks per month for most apps, but you can also look for bundled deals that include VPNs and adblockers, for instance. Whatever brand or package you choose, though, you should begin using a password manager. You get a private password vault, a host of protections to keep it safe, and added features like data breach monitoring and strong password generators. Plus, the best password managers sync seamlessly across all of your devices, ready when you need them.