Apple has released a fresh round of security updates for iPhone, iPad, and Mac that fix more than two dozen vulnerabilities, and the bulk of them sit in WebKit, the browser engine behind Safari. On the iPhone that matters more than it sounds, because Apple requires every browser, including Chrome, Firefox, and Edge, to use WebKit under the hood, so a single engine flaw exposes all of them. According to a write-up from Malwarebytes Labs summarizing Apple's advisories, several of the fixed bugs can be chained together to steal data or run code with little or no user interaction.
What is affected
The fixes ship in iOS and iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2 for older macOS Sonoma and Sequoia systems, covering iPhone 11 and later and recent iPad models. The WebKit issues include use after free bugs, memory corruption, and cross origin logic errors that can be triggered simply by loading a malicious web page. In several cases the impact ranges from crashing the browser to corrupting memory or leaking data from other sites open in different tabs. Apple also patched flaws in Web Extensions and permission handling that could have let extensions or websites reach more data than intended, plus related issues in the bundled libxslt and WebRTC components.
Why it matters
None of the patched vulnerabilities are known to have been exploited in the wild. The catch is that, because the updates went through an extended public beta, the technical details have been visible for a while, so attackers have had a head start on building working exploits. Browser engine bugs like these are a favorite target. Google recently rushed out fixes for Chrome zero-days in its Skia and V8 components that were already under active attack.
What you should do
Install the updates now rather than waiting. On an iPhone or iPad, go to Settings, then General, then Software Update. On a Mac, open the Apple menu, then System Settings, then General, then Software Update. Turning on automatic updates closes the gap for the next round.
This briefing is provided by IntelFusions for informational and defensive purposes only. It is based on sources assessed to be reliable at the time of writing, and analytic judgments carry the confidence levels indicated. Indicators of compromise are defanged; re-arm them only in controlled environments. IntelFusions is not affiliated with the organizations named and makes no warranty as to completeness or accuracy.