Apple has released security updates for iOS, iPadOS, macOS, and Safari that address more than 30 vulnerabilities across its software ecosystem.
Included in the release are includes nearly 30 fixes for WebKit, the browser engine used by Safari and embedded web content throughout Apple devices, along with kernel vulnerabilities that affect operating system security.
It also introduces a change to Apple’s release process.
The company credited AI-assisted tools with helping identify several WebKit vulnerabilities and said it is reducing the time between completing security updates and delivering them to customers because artificial intelligence can shorten the time needed to develop exploits.
Why It Matters: Artificial intelligence is changing how software vulnerabilities are discovered and how quickly attackers can analyze newly disclosed flaws. That leaves less time for organizations to evaluate, test, and deploy security updates. Apple’s latest release illustrates how software vendors are adjusting patch management to reduce that exposure window.
- Platform-Wide Updates: Apple released iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2, addressing more than 30 vulnerabilities. Nearly 30 of the fixes affect WebKit, the browser engine that processes web content across Safari and many Apple applications. Apple continues to identify software updates as one of the most effective ways to protect devices.
- AI finds Vulnerabilities: Apple credited OpenAI Codex Security with identifying three WebKit vulnerabilities that could cause memory corruption or unexpected browser crashes when processing malicious web content. Anthropic researchers Milad Nasr and Nicholas Carlini, working with Claude, identified another WebKit vulnerability involving memory corruption. The acknowledgments show AI becoming part of established security research workflows used to identify software flaws.
- Browser and Kernel Fixes: Apple patched kernel vulnerabilities that could allow malicious applications to leak sensitive information, interfere with system memory, or cause unexpected system termination. The company also resolved additional WebKit issues, including flaws affecting Canvas and browser sandbox protections, further strengthening platform security.
- No Active Exploitation: Apple said none of the vulnerabilities addressed in these updates have been observed in attacks. The company also continues its practice of withholding detailed technical information until security updates are available, helping reduce opportunities for attackers to study vulnerabilities before customers install patches.
- Faster Patch Delivery: Apple is releasing security updates sooner because AI can reduce the time between vulnerability discovery and exploit development from days to hours. The shorter release timeline gives customers earlier access to protections and acknowledges that attackers may also benefit from advances in AI.
Apple security releases – Apple
Trusted insights for technology leaders
Our readers are CIOs, CTOs, and senior IT executives who rely on The National CIO Review for smart, curated takes on the trends shaping the enterprise, from GenAI to cybersecurity and beyond.
Subscribe to our 4x a week newsletter to keep up with the insights that matter.
