Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

July 4, 2026

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

July 4, 2026

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

July 4, 2026
Facebook X (Twitter) Instagram
Saturday, July 4
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs
News

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

Team-CWDBy Team-CWDJuly 4, 2026No Comments3 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Codex Security.

The WebKit vulnerabilities are listed below –

  • CVE-2026-43707 – A memory corruption issue that could result in an unexpected process crash when processing maliciously crafted web content. It was addressed with improved memory handling.
  • CVE-2026-43716 – An unspecified issue that could result in an unexpected Safari crash when processing maliciously crafted web content. It was addressed with improved memory handling.
  • CVE-2026-43745 – An out-of-bounds write issue that could result in an unexpected Safari crash when processing maliciously crafted web content. It was addressed with improved input validation.
  • CVE-2026-43715 – A use-after-free issue that could result in memory corruption when processing maliciously crafted web content. It was addressed with improved memory management.

The first three security defects have been credited by Apple to OpenAI Codex Security, while Anthropic researchers Milad Nasr and Nicholas Carlini, along with Claude, have been acknowledged for CVE-2026-43715.

The four vulnerabilities are part of nearly 30 vulnerabilities that have been patched in WebKit, an open-source web browser engine developed by Apple. Others include a use-after-free issue in WebKit Canvas (CVE-2026-43720) and a vulnerability that could be exploited by a malicious website to process restricted web content outside the sandbox (CVE-2026-43725).

Apple has also remediated three bugs that could be exploited by a malicious app to leak sensitive kernel state (CVE-2026-43722), cause unexpected system termination or write kernel memory (CVE-2026-43724), or corrupt kernel memory (CVE-2026-39868). Security researcher Hyunwoo Kim, who discovered Dirty Frag, has been credited with discovering and reporting CVE-2026-43724 and CVE-2026-43722.

The updates are available for iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2. None of the patched vulnerabilities has been disclosed as actively exploited in the wild.

In a statement shared with Reuters, Apple said it’s making the security updates much earlier than before in response to concerns that AI tools could accelerate the development of exploits and act as an enabler of cyber warfare, shrinking the window between discovery and weaponization to hours.

The company said “it was adapting to ​the reality that, given the ability of artificial intelligence ​to speed the development of malicious hacking tools, it ⁠needed to reduce the time between when updates were first ​made public and when they were put into customers’ hands,” Reuters reported.



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleMustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks
Next Article Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
Team-CWD
  • Website

Related Posts

News

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

July 4, 2026
News

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

July 4, 2026
News

Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

July 4, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

Beware of Winter Olympics scams and other cyberthreats

February 2, 2026

How to mitigate the security and privacy risks of smart glasses

May 11, 2026

Scams target soccer fans with fake World Cup tickets, merchandise

May 22, 2026

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.