Apple has patched two iOS vulnerabilities that have been exploited in the wild, including one that requires no user interaction.
Researchers uncovered a flaw in macOS that could allow attackers to access permissions, like screen recording, on victim devices - without their approval.
Apple has fixed four zero days in WebKit for iOS, macOS, and Safari that were under active attack.
The macOS vulnerability allowed attackers to bypass Apple’s core security defenses with specially-crafted application bundles.
A recent variant of the XCSSET malware has the capability to infect ARM M1-based Macs in addition to x86-based machines.