Fintech

Apple patches urgent security flaws as the threat from artificial intelligence looms: this is the first time

For the first time, the Cupertino-based company has brought forward the release of a number of security patches for the iPhone, iPad, Mac and Safari. This is an unusual emergency measure.

3' min read

Translated by AI
Versione italiana

3' min read

Translated by AI
Versione italiana

Apple has brought forward the release of a number of security patches for the iPhone, iPad, Mac and Safari. This is an emergency measure that is unusual for Apple, but is justified by the threat posed by artificial intelligence.

Under normal circumstances, the patches would have been released with iOS 26.6, iPadOS 26.6 and macOS Tahoe 26.6, but the company decided it could not wait that long. As reported to Reuters, artificial intelligence now enables attackers to rapidly exploit known vulnerabilities to breach users’ devices. Consequently, it has become essential for companies to fix them quickly.

Loading...

The release on 29 June 2026 covers iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2 and Safari 26.5.2. In its official security bulletins, Apple details fixes for components such as the kernel, WebKit, WebRTC, web extensions, WebKit Storage and libxslt. According to the company, there is no evidence of active exploitation of the patched vulnerabilities. The problem is that it might have been a matter of just a few days or hours: once a fix is made available in beta or documented in the security bulletins, attackers can also analyse it to reconstruct the original flaw.

What do the patches fix?

A patch is a modification to software that fixes a flaw, mitigates a vulnerability or prevents an error from being exploited. In the case of Apple updates 26.5.2, the risks described include memory corruption, unexpected crashes, disclosure of sensitive information, cross-origin data exfiltration, possible circumvention of sandbox restrictions and, for certain kernel vulnerabilities, writing to or altering system memory.

This update is also relevant for businesses. The vulnerabilities also affect the browser engine, which is a daily target for attacks: malicious links, compromised pages, malvertising or web extensions can become the first step in a chain of compromise. Kernel vulnerabilities, on the other hand, affect the lowest levels of the operating system and can be particularly damaging when combined with other exploits (exploitation techniques used by cybercriminals).

Apple’s decision confirms what experts have long feared. Because of AI, the traditional cycle of testing, beta releases and stable distribution is becoming harder to sustain when automated analysis tools can speed up reverse engineering, the creation of proof-of-concept exploits and the adaptation of exploits.

The impact of AI on the risk window

This issue is not limited to Apple. In its report “Impact of AI on cyber threats from now to 2027”, the UK’s National Cyber Security Centre identified vulnerability research and the development of exploits as areas where AI can increase the efficiency and scale of cyber-attacks. The agency notes that the time between disclosure and exploitation has already been reduced to a matter of days and that AI could further shorten this window.

ENISA, too, in its “Threat Landscape 2025” report published in October 2025 and based on 4,875 incidents observed between July 2024 and June 2025, identifies the exploitation of vulnerabilities as one of the main vectors for initial access, accounting for 21.3 per cent of the cases analysed. The report also highlights campaigns capable of exploiting vulnerabilities within a few days of their disclosure.

As a result, organisations and users now have to act quickly. Again, because of AI, vulnerabilities that have already been fixed but not yet patched on devices become a more exposed area of risk. A vulnerability does not need to be a zero-day to cause damage. An n-day vulnerability – that is, one that is already known and has been fixed by the vendor – remains exploitable until the update is installed.

Within organisations, iPhones, iPads and Macs are used to access email, digital identities, cloud applications, signing tools, confidential documents and administrative consoles. Delaying a patch for compatibility reasons may be necessary, but any delay must be brief, proportionate and justified.

Everything is changing: organisations must improve their patching, testing and compliance policies to restrict access to corporate resources from out-of-date devices. Users with elevated privileges, or those in financial, legal, executive or administrative roles, should have tighter update windows.

Apple’s 26.5.2 update thus sends a signal to the entire market: the security of users’ and businesses’ devices will increasingly depend on the ability to roll out rapid fixes without losing operational control.

Copyright reserved ©
Loading...

Brand connect

Loading...

Newsletter

Notizie e approfondimenti sugli avvenimenti politici, economici e finanziari.

Iscriviti