🟠 High | Source: The Hacker News
Apple has released security updates for iOS, macOS, and Safari addressing over 30 vulnerabilities, including four WebKit flaws discovered using AI tools such as Anthropic Claude and OpenAI Codex Security. WebKit vulnerabilities are particularly significant as they affect the browser engine underpinning Safari and all iOS browsers, with memory corruption issues potentially enabling remote code execution. This release is notable for marking a mainstream shift towards AI-assisted vulnerability research in production security tooling.
Security Architect’s Take: Ensure all managed Apple devices in your fleet have MDM-enforced update policies to deploy this patch promptly. Pay particular attention to any iOS or macOS endpoints with access to corporate cloud environments or sensitive SaaS applications, as WebKit memory corruption flaws can be exploited via malicious web content with no user interaction beyond visiting a page.
Original advisory: Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs