Apple Releases Security Updates Addressing Over 100 Vulnerabilities Across Multiple Platforms
Apple released a comprehensive set of security updates for its major operating systems and applications, including iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, tvOS 26.1, watchOS 26.1, visionOS 26.1, Safari 26.1, and Xcode 26.1. The updates address 110 vulnerabilities, several of which involve memory corruption issues in components such as ImageIO, FontParser, and WebKit, potentially allowing remote code execution. Other vulnerabilities could allow unauthorized access to sensitive user data through components like Spotlight, CoreMedia, MallocStackLogging, Admin Framework, sudo, Security, SoftwareUpdate, and AppleMobile. None of the vulnerabilities were reported as actively exploited at the time of release, and Apple provided limited technical details in its advisories.
Security authorities, including the Canadian Centre for Cyber Security, have urged users and administrators to promptly apply these updates to mitigate potential risks. The updates are considered routine but critical, given the breadth of affected products and the potential impact of the vulnerabilities. Users are advised to review Apple's official security update documentation and ensure all devices are updated to the latest versions to maintain security and privacy protections.

Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Security community and agencies publish advisories on Apple flaws
Following Apple's releases, organizations including the Canadian Centre for Cyber Security, SANS ISC, Malwarebytes, and CISecurity published advisories urging users and administrators to update affected Apple products. These notices highlighted the volume of patched flaws and the potential impact of unpatched systems.
Apple releases broad security updates for multiple products
Apple issued security updates addressing roughly 50 vulnerabilities across its product line, including flaws that could allow arbitrary code execution. The releases were documented in Apple's security advisories and prompted downstream alerts from government and security organizations.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
cisecurity.org
Open sourceApple patches 50 security flaws—update now
malwarebytes.com
Open sourceApple security releases
support.apple.com
Open sourceApple security releases
support.apple.com
Open sourceApple Patches Everything, Again
isc.sans.edu
Open sourceApple security advisory (AV25-722)
cyber.gc.ca
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.


