Cyber Update: Apple accelerates patching to beat AI exploits as WinRAR flaw highlights legacy risk

Apple is accelerating its security updates to outpace AI driven exploit development, releasing early patches for iOS and macOS, while a critical WinRAR vulnerability shows why legacy software remains a prime target for attackers.

Cyber Update: Apple accelerates patching to beat AI exploits as WinRAR flaw highlights legacy risk
Apple faces a major cyber threat as digital security pressure closes in.

The Update

Apple has released early security updates for iOS, macOS and Safari, addressing over thirty vulnerabilities. This includes four WebKit flaws discovered using artificial intelligence tools. The updates fix memory corruption issues that could cause unexpected crashes or code execution.

Apple told Reuters it is adapting to the reality that artificial intelligence can speed the development of malicious hacking tools. By reducing the time between public disclosure and patch deployment, Apple aims to shrink the window for weaponisation. The Canadian Centre for Cyber Security has issued an advisory urging immediate application of the updates.

Meanwhile, a high severity vulnerability in WinRAR shows that legacy software remains attractive to threat actors. CVE-2026-14191 causes a heap overflow in the RAR5 recovery volume parser. While no active exploitation is confirmed, WinRAR is installed on hundreds of millions of computers globally. The issue is patched in version 7.23.

These vulnerabilities align with broader industry trends. The Open Web Application Security Project has just added Software Supply Chain Failures to its 2026 Top 10 list, reflecting the systemic risk of outdated components.

Why Does It Matter?

For Australian organisations, the contrast between Apple and WinRAR highlights a dual challenge. Vendors are using AI to find flaws and accelerate patching before attackers can build exploits. However, attackers continue to target ubiquitous desktop utilities where patch cycles are slow.

Boards must ensure their security teams are auditing the legacy tools their staff use daily. As AI compresses the time between discovery and exploitation, relying on delayed patching for any software is a business risk operations can't afford.


Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Cyber News Centre.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.