Apple has fixed four zero days in WebKit for iOS, macOS, and Safari that were under active attack.
The macOS vulnerability allowed attackers to bypass Apple’s core security defenses with specially-crafted application bundles.
A recent variant of the XCSSET malware has the capability to infect ARM M1-based Macs in addition to x86-based machines.
Apple said its App Tracking Transparency rules will restrict advertisers’ abilities to track user behavior, while still giving them the option to analyze the impact of their ads.
The Silver Sparrow malware is targeting Macs, including those with the M1 chip, but is not delivering a payload.