Find notable cyber news and cases, enriched with sources, timelines, and signals.

Apple dyld memory corruption flaw actively exploited (CVE-2026-20700)

Vulnerability
First reported
Last updated
Happening score
H score 39
2 unique sources, 2 articles

Summary

Hide ▲

Apple's CVE-2026-20700 is an actively exploited dyld memory corruption flaw that can enable arbitrary code execution on susceptible Apple devices. The company said the issue may have been used in an extremely sophisticated attack against specific targeted individuals on iOS before iOS 26. Apple released fixes across multiple platforms after Google TAG reported the bug.

Related Happenings

Apple A12/A13 SecureROM USB DMA underflow with public usbliter8 exploit security flaw

Vulnerability
H score0 First: 19.06.2026 21:37 Last: 19.06.2026 21:37 Sources 1

About this happening: A public **usbliter8** exploit now reaches **arbitrary code execution** in Apple's **SecureROM**, exposing an **unpatchable USB DMA underflow flaw** across **A12, A13, S4, and S5*...

Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair

Security Tool/Service
H score10 First: 09.06.2026 00:03 Last: 09.06.2026 00:03 Sources 1

About this happening: **Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...

IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android

Security Tool/Service
H score11 First: 12.05.2026 08:18 Last: 12.05.2026 08:18 Sources 1

About this happening: Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...

Google overhauls Android and Chrome bug bounty programs

Commercial Activity
H score0 First: 05.05.2026 14:24 Last: 05.05.2026 14:24 Sources 1

About this happening: **Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...

OpenAI rotates macOS code-signing certificates after supply-chain exposure

Security Tool/Service
H score12 First: 13.04.2026 20:39 Last: 13.04.2026 20:39 Sources 1

About this happening: **OpenAI** is **rotating and revoking macOS code-signing certificates**, forcing users of **ChatGPT Desktop**, **Codex**, **Codex CLI**, and **Atlas** to update so trust in signed...

Timeline

  1. 12.02.2026 07:39 3 articles · 4mo ago

    Apple releases fixes for CVE-2026-20700

    Mitigation Patch Update

    Apple released iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3 on 2026-02-12 to address CVE-2026-20700, a memory corruption flaw in dyld that Apple said may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26; Google Threat Analysis Group (TAG) was credited with discovering and reporting the bug, and Apple also issued fixes related to CVE-2025-14174 and CVE-2025-43529.

    Show sources
  2. 12.02.2026 07:39 3 articles · 4mo ago

    Apple releases fixes for CVE-2026-20700

    Mitigation Patch Update

    Apple released iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3 on 2026-02-12 to address CVE-2026-20700, a memory corruption flaw in dyld that Apple said may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26; Google Threat Analysis Group (TAG) was credited with discovering and reporting the bug, and Apple also issued fixes related to CVE-2025-14174 and CVE-2025-43529.

    Show sources