Apple unveiled an Apple Intelligence feature for iOS 27 that can automatically change passwords for compromised or weak accounts in Safari and the Apple Passwords app. Instead of only warning users that a credential is weak, duplicated, or exposed in a breach, the new capability can take users directly through remediation by generating a strong replacement password and saving it to their password vault. Apple said the feature is designed with a privacy-first architecture that combines on-device processing with Private Cloud Compute.
When a user reviews compromised credentials, they can tap a single Fix option and Safari will handle the reset flow on supported sites by signing in, navigating to the password-change page, creating a unique high-entropy password, and storing it automatically, with progress surfaced through Live Activities in Notification Center. Apple positioned the feature as a way to address the common problem of users ignoring breach alerts, helping reduce password reuse and lowering the risk of credential-stuffing attacks when the update ships later this year.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
4 events from the most recent confirmed update back to the earliest known activity.
Apple made the iOS 27 developer beta available following its WWDC announcement. The beta includes the new Apple Intelligence-powered password-management capability that can automatically change weak or compromised passwords on supported websites.
At WWDC 2026, Apple announced that macOS 27 Golden Gate will run only on Apple silicon Macs, ending Intel Mac eligibility for major OS upgrades. Apple said Intel Macs will continue receiving security updates through 2029.
Apple said the automatic password remediation capability is planned to arrive with iOS 27 later in 2026. The feature is designed to let users trigger an automated password reset flow with minimal interaction.
Apple announced at WWDC 2026 a new Apple Intelligence-powered feature for Safari and the Apple Passwords app that can automatically change weak or compromised passwords to strong ones. The company said the privacy-focused capability will split processing between on-device models and Private Cloud Compute.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
9 references tracked. Mallory keeps watching after this page renders.
macrumors.com
Open sourceghacks.net
Open sourcescworld.com
Open sourcezdnet.fr
Open sourcesecurityonline.info
Open sourcehelpnetsecurity.com
Open sourceghacks.net
Open sourcetheregister.com
Open sourcebleepingcomputer.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.