In a notice released on Tuesday, the company said the issue affects WebKit, the engine that powers Safari and many other apps.

A security researcher found the flaw, which could allow a malicious website to access data from another site opened in the same browser session.

Apple said the problem has now been fixed with improved checks on how web content is handled.

The update is part of what the company calls “background security improvements”. These are smaller updates that provide fixes between full software releases. They are available on devices running the latest versions of iOS, iPadOS and macOS.

Unlike regular updates, this one installs quickly and only requires a short restart. Apple said the feature is designed to push out urgent fixes without waiting for larger system upgrades.

The vulnerability involved a cross-origin issue in the browser’s Navigation API. If exploited, it could bypass the same-origin policy, a key security regulation that keeps data from different websites separate.

Apple did not explain how widely the flaw may have been used and also did not give further details on the discovery beyond crediting researcher Thomas Espach.

The Safari security update was released on March 17, 2026, by Apple, and applies to iOS 26.3.1, iPadOS 26.3.1 and macOS versions 26.3.1 and 26.3.2.

Apple has tested similar updates in recent months before rolling out this system globally. The company said it will continue to use background updates to address certain security issues more quickly.

The newly released Final Cut Pro for iPad 2 takes full advantage of the powerful new iPad Pro built with the M4 chip. 

This upgrade brings up to twice the rendering speed and supports up to four times more streams of ProRes RAW compared to the M1 model. 

The Live Multicam function is an interesting feature which allows users to wirelessly connect and preview up to four cameras simultaneously. This is managed through the new Final Cut Camera app, which works as both a companion and standalone recording tool on iPhone and iPad. 

Users can manually control camera settings such as focus, shutter speed, and ISO, making it a versatile tool for on-the-go filming.

Another highly requested feature now available in Final Cut Pro for iPad 2 is support for external projects. This allows users to create or open projects without consuming internal storage space, offering greater flexibility for managing large video files. 

Additionally, the app supports the new Apple Pencil Pro, which includes advanced controls like barrel roll for precise drawing and a squeeze feature to quickly access brushes and settings.

Final Cut Pro for Mac 10.8

Final Cut Pro for Mac 10.8 introduces several artificial intelligence-driven updates designed to simplify the video editing process. The new Enhance Light and Color feature automatically adjusts video colour correction, while Smooth Slo-Mo intelligently blends video frames to ensure smooth motion in slow-motion footage. 

These features leverage the Neural Engine in Apple’s silicon. The update also brings improved organizational tools to Final Cut Pro for Mac. Users can now assign custom names to colour corrections and video effects, making it easier to manage complex projects. 

The timeline index has been enhanced to allow for searching and navigating to clips with missing media or effects, and a new text-based search feature enables users to find clips based on reel, scene, camera angle, and other metadata.

Availability and Pricing

Both Apple Final Cut Pro for iPad 2 and Final Cut Pro for Mac 10.8 are now available as free updates for existing users. New users can purchase Final Cut Pro for iPad 2 through the App Store for $4.99 per month or $49 per year. Final Cut Pro for Mac 10.8 is available on the Mac App Store for a one-time purchase price of $299.99.

Ukrainian cyber experts discovered the attack, which uses Vidar Malware (Vidar Stealer) to steal Telegram session data, which in the absence of configured two-factor authentication and a passcode, allows unauthorized access to the victim’s telegram account and corporate account or network.

The malware, which exploits unauthorized access to users’ Telegram accounts and corporate accounts to steal data, targets platforms across iOS, Android, Linux, Mac and Windows Operating Systems.

“The Ukrainian CERT alleged that a Somnia Ransomware was created to be used on Telegram that tricks users to download an installer that mimics ‘Advanced IP Scanner’ software, which contains Vidar Malware. The installer infects the system with the Vidar stealer, which steals the victim’s Telegram session data to take control of their account.

“The threat actors abuse the victim’s Telegram account in some unspecified manner to steal VPN connection data (authentication and certificates). If the VPN account is not protected by two-factor authentication passcode, the hackers use it to gain unauthorized access to the victim’s employer’s corporate network”, the alert and advisory states.

“Once inside, the intruders conduct reconnaissance work using tools like Netscan, Rclone, Anydesk, and Ngrok, to perform various surveillance and remote access activities, and then deploy a Cobalt Strike beacon, exfiltrating data using the Rclone program,” the report stated.

The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

The CSIRT also works collaboratively with ngCERT, established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.