// 1 ZERO-DAY · 2 CVE · 1 EXPLOIT IN THE LAST 24H
apple

Apple Compresses Patch Cycle After AI Uncovers Four WebKit Flaws

On June 29, 2026, Apple released iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2, addressing over 30 vulnerabilities.…

Jul 04, 2026views - 1.3k

VULN

macOS: Standard Users Disable EDR/MDM Without Admin Rights

A privilege escalation technique on macOS exploits CDHash caching and NIB injection to silently disable enterprise security tools. App…

Jun 24, 2026views - 956

malware

ClickFix macOS: When Users Bypass Gatekeeper Themselves

Microsoft has documented the latest evolution of ClickFix campaigns on macOS: operators have ditched manual DMG installers for Termina…

Jun 23, 2026views - 922

CYBERSEC

Tata Electronics Breach: 200,000 Files Leaked, Apple and Tesla Secrets Appear on Dark Web

Tata Electronics confirmed a cybersecurity incident on June 22, 2026, stating it occurred "a few weeks ago" with no operational impact…

Jun 23, 2026views - 2k

CYBERSECEXPLOIT

usbliter8: Unpatchable Exploit Hits Apple A12/A13 SecureROM

Paradigm Shift releases usbliter8, an unpatchable hardware exploit achieving arbitrary EL1 execution in Apple A12/A13 SecureROM via th…

Jun 19, 2026views - 1.1k

CYBERSEC

Apple Beats: Bluetooth Flaw Turns Headphones Into Spy Microphones

Apple patched CVE-2025-20701 in Beats Studio Buds: attackers within Bluetooth range could eavesdrop on conversations by exploiting a f…

Jun 18, 2026views - 853

CYBERSECEXPLOIT

Apple macOS USD Library Flaw Enables Information Disclosure and Exploit Chaining

A vulnerability in the macOS Universal Scene Description (USD) library (ZDI-26-315) allows for out-of-bounds reads and potential code…

May 26, 2026views - 162

CYBERSECCRITICAL

Apple Patches macOS RCE Vulnerability in USD Library (ZDI-26-314)

A critical out-of-bounds write in the macOS USD library could allow remote code execution through malicious 3D files. Apple released a…

May 23, 2026views - 130

VULNZERO-DAY

macOS USD Library Bug ZDI-26-315 Exposes System Memory, Patch Issued May 12

Apple has addressed ZDI-26-315, an out-of-bounds read vulnerability in the macOS Universal Scene Description (USD) library. Rated CVSS…

May 23, 2026views - 129

VULNCRITICAL

Safari Regex Engine Vulnerability Allows Remote Code Execution via Duplicate Named Groups

Apple has patched a high-severity (CVSS 8.8) remote code execution vulnerability in Safari. The flaw involves a heap-based buffer over…

May 18, 2026views - 91

VULNCRITICAL

Apple Safari WebCore Vulnerability: ZDI-26-312 Enables Remote Code Execution

A use-after-free vulnerability in Safari’s WebCore style resolver allows for remote code execution through user interaction, affecting…

May 16, 2026views - 130

zeroZERO-DAY

Apple Fixes WebKit Zero-Days Exploited in 'Extremely Sophisticated' Attacks

Apple has issued emergency security updates for Safari 26.2 and iOS 18.7.3 to remediate two critical WebKit vulnerabilities (CVE-2025-…

May 15, 2026views - 182