Apple patches urgent security flaws as the threat from artificial intelligence looms: this is the first time
For the first time, the Cupertino-based company has brought forward the release of a number of security patches for the iPhone, iPad, Mac and Safari. This is an unusual emergency measure.
Apple has brought forward the release of a number of security patches for the iPhone, iPad, Mac and Safari. This is an emergency measure that is unusual for Apple, but is justified by the threat posed by artificial intelligence.
Under normal circumstances, the patches would have been released with iOS 26.6, iPadOS 26.6 and macOS Tahoe 26.6, but the company decided it could not wait that long. As reported to Reuters, artificial intelligence now enables attackers to rapidly exploit known vulnerabilities to breach users’ devices. Consequently, it has become essential for companies to fix them quickly.
The release on 29 June 2026 covers iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2 and Safari 26.5.2. In its official security bulletins, Apple details fixes for components such as the kernel, WebKit, WebRTC, web extensions, WebKit Storage and libxslt. According to the company, there is no evidence of active exploitation of the patched vulnerabilities. The problem is that it might have been a matter of just a few days or hours: once a fix is made available in beta or documented in the security bulletins, attackers can also analyse it to reconstruct the original flaw.
What do the patches fix?
A patch is a modification to software that fixes a flaw, mitigates a vulnerability or prevents an error from being exploited. In the case of Apple updates 26.5.2, the risks described include memory corruption, unexpected crashes, disclosure of sensitive information, cross-origin data exfiltration, possible circumvention of sandbox restrictions and, for certain kernel vulnerabilities, writing to or altering system memory.
This update is also relevant for businesses. The vulnerabilities also affect the browser engine, which is a daily target for attacks: malicious links, compromised pages, malvertising or web extensions can become the first step in a chain of compromise. Kernel vulnerabilities, on the other hand, affect the lowest levels of the operating system and can be particularly damaging when combined with other exploits (exploitation techniques used by cybercriminals).
-U56181578472NYG-1440x752@IlSole24Ore-Web.jpg?r=650x341)
