Apple’s 2026 Security Events: iPhone Exploits, Zero-Days Put Millions at Risk
Apple’s 2026 Security Events: iPhone Exploits, Zero-Days Put Millions at Risk
https://www.techrepublic.com/article/news-apple-security-roundup-june-2026/
Publish Date: 2026-06-03 16:11:00
Source Domain: www.techrepublic.com
Apple’s security year so far has been anything but quiet.
The company’s 2026 security cycle has been dominated by a steady stream of updates across iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and Safari, with most major platforms now on versions 26.5 or later. Below is a breakdown of the company’s key security events so far this year.
Apple’s first zero-day of 2026
One of the most significant security events of the year came in February, when Apple disclosed CVE-2026-20700, a vulnerability affecting a core operating system component known as dyld.
The flaw could allow attackers to execute malicious code on vulnerable devices. Apple warned that it had been used in what the company described as “extremely sophisticated” attacks against specific individuals.
The issue affected iPhones, iPads, Macs, Apple Watches, Apple TVs, and Vision Pro devices before Apple released patches through iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, watchOS 26.3, tvOS 26.3, and visionOS 26.3.
According to Apple’s advisory, “An attacker with memory write capability may be able to execute arbitrary code.” Researchers noted that the vulnerability was linked to two previously patched WebKit flaws, CVE-2025-14174 and CVE-2025-43529, which had also been used in targeted attacks.
WebKit bugs put iPhones at risk
The year began with Apple addressing those two WebKit vulnerabilities (CVE-2025-14174 and CVE-2025-43529), which security researchers said could allow attackers to gain deep access to affected devices simply by exploiting flaws in Safari’s web-rendering engine.
Vulnerabilities could be used to execute malicious code through compromised webpages, potentially exposing sensitive information such as passwords and financial data.
The bugs affected millions of iPhones and iPads before Apple released fixes through iOS 26.2 and related updates for older supported devices. Security experts emphasized that users did not necessarily need to click anything for an attack to…
