Microsoft spotlights Apple bug patched in March as SharePoint exploits continue

Amidst its own failure to fix a couple of bugs now under mass exploitation and being abused for espionage, data theft, and ransomware infections, Microsoft said Monday that it spotted a macOS vulnerability some months ago that could allow attackers to steal private data. Redmond reported the bug to Cupertino, which issued a fix back in March.

The vulnerability, tracked as CVE-2025-31199, affects macOS Sequoia and has not yet been assigned a CVSS rating. Apple first disclosed the flaw in March, at the same time as releasing a fix.

In a Monday report, Microsoft Threat Intelligence said the now-fixed flaw could allow miscreants to extract and leak all sorts of sensitive information cached by Apple Intelligence, including precise geolocation data, photo and video metadata, face and person recognition data, search history, and user preferences.

This could have severe real-world consequences, such as physical stalking, harassment, and security threats, as an ...