About the security content of iOS 18.7.8 and iPadOS 18.7.8

About the security content of iOS 18.7.8 and iPadOS 18.7.8 This document describes the security content of iOS 18.7.8 and iPadOS 18.7.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...

Apple patches 50 security flaws—update now

Apple has released security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, Safari, and Xcode, fixing nearly 50 security flaws. Some of these bugs could let cybercriminals see your private data, take control of parts of your device, or break key security protections. Installing these...

EUVD-2023-45582

Malicious code in bioql PyPI...

CVE-2025-43300

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in a...

CVE-2022-48618

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been...

A week in security (January 27 – February 2)

Last week on Malwarebytes Labs: ClickFix vs. traditional download in new DarkGate campaign Cybercrime gets a few punches on the nose Microsoft advertisers phished via malicious Google ads The DeepSeek controversy: Authorities ask where does the data come from and how safe is it? These are the 10...

CVE-2023-42897

The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker with physical access may be able to use Siri to access sensitive user data...

GLSA-202209-21 : Poppler: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202209-21 Poppler: Arbitrary Code Execution - An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2...

Vulnerabilities fixed in Safari

Apple has fixed vulnerabilities in Safari. The vulnerabilities allow a malicious party to execute arbitrary code execute within the scope of the browser and to spoof user interfaces. spoofing. To do this, however, the malicious party must entice the victim to open rogue content. -= Apple =- Apple...

Vulnerabilities fixed in iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Circumvention of security measure. Remote code execution...

CVE-2021-30768

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions...

CVE-2019-8788

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration...

Apple Releases iOS 12.4.1 Emergency Update to Patch 'Jailbreak' Flaw

Apple just patched an unpatched flaw that it patched previously but accidentally unpatched recently — did I confuse you? Let's try it again... Apple today finally released iOS 12.4.1 to fix a critical jailbreak vulnerability, like it or not, that was initially patched by the company in iOS 12.3 b...

Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by...

Latest iOS 12.2 Update Patches Some Serious Security Vulnerabilities

Apple on Monday released iOS 12.2 to patch a total of 51 security vulnerabilities in its mobile operating system that affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. A majority of vulnerabilities Apple patched this month reside in its web rendering engine WebKit,...

CVE-2019-6219

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of service...

MacOS again appeared vulnerability, known as unbreakable system also has weaknesses-vulnerability warning-the black bar safety net

For convenience of expression, this article will use the first-person manner described. This article describes my in Apple's macOS system kernel found several stack and buffer overflow vulnerabilities, Apple will this several vulnerabilities categorized as the kernel of remote code execution...

Newly Discovered Mac Malware with Ancient Code Spying on Biotech Firms

Security researchers have discovered a rare piece of Mac-based espionage malware that relies on outdated coding practices but has been used in some previous real-world attacks to spy on biomedical research center computers. Dubbed Fruitfly, the malware has remained undetected for years on macOS...

Apple Developing Fix For Flashback Malware

Apple is planning to release a software fix that will find and remove the Flashback malware that has been haunting Mac users for several months now. The latest version of Flashback has built a botnet that at times has included more than 600,000 infected machines. Apple said on Tuesday that it was...