Apple released iOS 26.4 and iPadOS 26.4, making Stolen Device Protection enabled by default and shipping 34 security fixes across components including Audio, iCloud, Mail, Printing, Siri, and the iOS kernel. The update now requires biometric authentication to view saved passwords and disable Lost Mode on an iPhone, strengthening protections against device theft and account takeover. Apple also issued corresponding 26.4 updates for watchOS, macOS, tvOS, and visionOS.
Alongside the security changes, Apple added several user-facing features across its platforms, including AI-generated Playlist Playground playlists in Apple Music, an Ambient Music widget, offline song recognition in Control Center, native HLS video episode support in Podcasts, average bedtime tracking in Health, and support for third-party AI chatbots in CarPlay once providers update their apps. The release also fixes a long-running keyboard accuracy bug, while the widely rumored upgraded Siri was not included in this version.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
3 events from the most recent confirmed update back to the earliest known activity.
Apple released iOS 26.4.1 for iPhone 11 and newer as a minor update. Later reporting said it fixes an iOS 26.4 bug affecting iCloud syncing in some apps and automatically enables Stolen Device Protection on certain enterprise-managed devices updating from iOS 26.4.
Alongside iOS 26.4 and iPadOS 26.4, Apple also released version 26.4 updates for watchOS, macOS, tvOS, and visionOS. These broader platform updates were reported as part of the same release cycle.
Apple released iOS 26.4 and iPadOS 26.4, introducing consumer feature updates and enabling Stolen Device Protection by default, which requires biometric authentication for sensitive actions such as viewing passwords and disabling Lost Mode. The release also fixed a keyboard typing bug and included 34 security fixes affecting components including Audio, iCloud, Mail, Printing, Siri, and the iOS kernel.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
6 references tracked. Mallory keeps watching after this page renders.
zdnet.com
Open sourcemacrumors.com
Open sourcecnet.com
Open sourcezdnet.fr
Open sourcezdnet.com
Open sourcegsmarena.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.