Yesterday Apple released several updates for its operating systems. iOS 26.0.1 and iPadOS 26.0.1 iOS 18.7.1 and iPad OS 18.7.1 macOS Tahoe 26.0.1 macOS Sequoia 15.7.1 macOS Sonoma 14.8.1 visionOS 26.0.1 watchOS 26.0.2 tvOS 26.0.1 Most include security updates.  Some have complained about battery drain on iOS 26 but I’ve found that right after a […]

Yesterday, Apple released iOS/iPadOS/macOS/watchOS/and tvOS 26. You can stay with iOS 18 or MacOS 15 or upgrade to the 26 version. My recommendation for iPhones is to stick with iOS 18 for now. Whenever there is a major release, you want to watch for any issues or side effects. The latest version of iOS and […]

Apple’s latest operating systems for its most popular devices — iPhones, iPads and Macs — include patches for multiple vulnerabilities, but the company didn’t issue any warnings about active exploitation. 

Apple patched 27 defects with the release of iOS 26 and iPadOS 26 and 77 vulnerabilities with the release of macOS 26, including some bugs that affected software across all three devices. Apple’s new operating systems, which are now numbered for the year of their release, were published Monday as the company prepares to ship new iPhones later this week.

Users that don’t want to upgrade to the latest versions, which adopt a translucent design style Apple dubs “liquid glass,” can patch the most serious vulnerabilities by updating to iOS 18.7 and iPad 18.7 or macOS 15.7. Most Apple devices released in 2019 or earlier are not supported by the latest operating systems.

None of the vulnerabilities Apple disclosed this week appear to be under active attack, Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, told CyberScoop.

Apple previously issued an emergency software update to customers last month to patch a zero-day vulnerability — CVE-2025-43300 — that was “exploited in an extremely sophisticated attack against specific targeted individuals,” the company said in a series of updates for iOS, iPadOS and macOS.

The company has addressed five actively exploited zero-days this year, including defects previously disclosed in January, February, March and April. Seven Apple vulnerabilities have been added to the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerabilities catalog this year. 

Unlike many vendors, Apple doesn’t provide details about the severity of vulnerabilities it addresses in software updates. Childs noted it would be helpful if Apple issued some sort of initial severity indicator alongside the vulnerabilities it patches — even if it doesn’t follow the Common Vulnerability Scoring System.

A pair of vulnerabilities patched in macOS — CVE-2025-43298, which affects PackageKit, and CVE-2025-43304, which affects StorageKit — are concerning because exploitation could allow an attacker to gain root privileges, Childs said. 

“On the iOS side, I don’t see anything that makes me sweat immediately but there are a lot of bugs addressed,” he added.

Apple also patched seven defects in Safari 26, 19 vulnerabilities in watchOS 26, 18 bugs in visionOS 26 and five defects in Xcode 26. 

More information about the vulnerabilities and latest software versions are available on Apple’s security releases site.

The post Apple addresses dozens of vulnerabilities in latest software for iPhones, iPads and Macs appeared first on CyberScoop.

Apple is out with its Patch Wednesday, releasing the following: iOS 18.6.2 and iPadOS 18.6.2 iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later 20 […]

Apple rushed an emergency software update to its customers Wednesday to address an actively exploited zero-day vulnerability affecting the software powering the company’s most popular devices. The out-of-bounds write defect — CVE-2025-43300 — allows attackers to process a malicious image file resulting in memory corruption. 

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,” the company said in a series of security updates for iOS, iPadOS and macOS.

The Cybersecurity and Infrastructure Security Agency added the defect to its known exploited vulnerabilities catalog Thursday.

Apple did not say how many active exploits it’s aware of or how many people are impacted. The company did not respond to a request for comment. 

Apple typically shares limited details about in-the-wild exploitation of zero-days, yet it has used stronger language in at least five vulnerability disclosures this year to indicate when sophisticated attackers are involved or specific people are targeted by these attacks, according to Satnam Narang, senior staff research engineer at Tenable.

“This language suggests that Apple is being purposeful in its external communication,” Narang said in an email. “While the impact to the wider populace is smaller because the attackers exploiting CVE-2025-43300 had a narrow, targeted focus, Apple wants the public to pay attention to the threat and take immediate action.”

Apple said it improved bounds checking to address the vulnerability and advised customers on impacted versions of the affected software to apply the update immediately. The defect affects macOS versions before 13.7 and 15.6, iPadOS versions before 17.7 and iOS and iPadOS versions before 18.6.

“While the possibility of the average user being a target is low,” Narang said, “it’s never zero.”

The vulnerability marks the fifth zero-day Apple has addressed this year, including defects previously disclosed and patched in January, February, March and April. Apple defects have made seven appearances on CISA’s known exploited vulnerabilities this year.

More information about the vulnerability is available on Apple’s website.

The post Apple discloses actively exploited zero-day affecting iOS, iPadOS and macOS appeared first on CyberScoop.

Released back on July 29 and 30, iOS 18.6, iPadOS 18.6, iPadOS 17.7.9, Sequoia, Sonoma, Venture, etc., etc., all got updates. Safari 18.6 received an update on July 30. Often, I forget that Apple is dribbling out patches until I read it elsewhere, or my Defender for iOS pops up and recommends that I install […]

APPLE By Will Fastie Apple’s entire keynote for this year’s Worldwide Developers Conference focused on extensive changes to all its operating systems. There were no hardware or device announcements, but changes to macOS have profound ramifications for Intel-based Apple devices from previous generations. Some Apple users will be unhappy. Read the full story in our […]