Cybersecurity

Apple has released emergency security updates for iPhones, iPads, Macs, Apple Watch, Apple TV and Vision Pro to fix CVE-2026-20700, a memory‑corruption zero‑day vulnerability the company says has already been exploited in targeted attacks. The flaw, which affects iOS and iPadOS 26.3, macOS Tahoe 26.3 (and Sequoia 15.7.4/Sonoma 14.8.4 via Safari 26.3), watchOS 26.3, tvOS 26.3 and visionOS 26.3, can allow attackers to run arbitrary code, opening the door to spyware, backdoors or silent device takeovers without visible warning signs. Apple says the bug was used as part of an 'infection chain' with two other vulnerabilities patched in December 2025, meaning users who skipped prior updates have been at heightened risk. Security experts are urging U.S. users to install the new versions immediately—using Software Update on iOS, iPadOS and macOS or the Watch and TV settings—since continuing to run older builds effectively leaves devices exposed to known attack techniques. The case underscores how widely used U.S. consumer devices remain high‑value targets for sophisticated actors and how delaying OS updates can turn routine patches into urgent security problems.