Apple announced security updates this week for iOS, iPadOS, macOS Tahoe, and Safari that resolve dozens of vulnerabilities, including 26 security defects in WebKit.
iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 were rolled out with 37 security fixes across IOGPUFamily, kernel, libxslt, Web Extensions, WebKit, and WebRTC.
The 26 WebKit bugs (including two in WebKit Canvas and WebKit Storage) could be exploited via malicious websites to exfiltrate data, leak sensitive information, crash Safari, corrupt memory, disclose process memory, hijack clipboard data, and process restricted web content outside the sandbox.
The 11 flaws affecting other operating system components could lead to system crashes, kernel memory writes, kernel state disclosure, kernel memory corruption, process crashes, and Safari crashes.
Per Apple’s advisories, at least four of these security defects appear to have been identified using AI. They were reported to Apple by Anthropic and OpenAI Codex Security researchers.











