Apple to Patch Web Browser Vulnerabilities Affecting Recent Macs, iPads and iPhones

There are two new speculative execution attacks that impact recent Apple chips, according to data shared today by Georgia Tech students that discovered the vulnerabilities.

slap flop vulnerabilities
Named SLAP and FLOP, the two security flaws could allow an attacker to use a malicious webpage to spy on the contents of other webpages, giving attackers remote access to browsing history, credit card data, emails, location information, and more. Physical access to a device is not required, and the attack can be executed through a malicious site that bypasses Apple's browser protections.

Several Apple A-series and M-series chips are affected, including the M2 and later and the A15 and later, which are in the following devices:

  • 2022 and later Mac notebooks
  • 2023 and later Mac desktops
  • 2021 and later iPad models
  • 2021 and later iPhones

SLAP and FLOP were disclosed to Apple in May 2024 and September 2024, respectively, and while the attacks have not yet been patched, the researchers who reported the issue were told that Apple plans to address the vulnerabilities in an upcoming security update.

Apple told Bleeping Computer that it has not yet patched the flaws. "We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats," Apple said. "Based on our analysis, we do not believe this issue poses an immediate risk to our users."

SLAP affects Safari, while FLOP affects Safari and Chrome. Other browsers like Firefox could be affected too, but have not been tested. There is no evidence that SLAP and FLOP have been executed in the wild.

Details on how SLAP and FLOP work can be found on the website dedicated to explaining the vulnerabilities.

Popular Stories

ios 19 messages app

Apple Sues Jon Prosser Over iOS 26 Leaks

Thursday July 17, 2025 8:40 pm PDT by
Earlier this year, YouTuber Jon Prosser shared multiple videos showing off what he claimed to be re-created renderings of what was then presumed to be called iOS 19 and which was eventually unveiled by Apple as iOS 26 at WWDC in June. In his first video back in January, Prosser showed off a Camera app redesign with a simpler set of buttons for moving between photo and video modes, and he...
iPhone 17 Colors

All 15 New iPhone 17 and iPhone 17 Pro Colors Revealed in Latest Leak

Wednesday July 16, 2025 6:50 am PDT by
We may finally have a definitive list of all color options for the iPhone 17 series, ahead of the devices launching in September. MacRumors concept In a report for Macworld today, Filipe Espósito said he obtained an "internal document" that allegedly reveals all of the color options for the upcoming iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max models. The report includes ...
iOS 26 on Three iPhones

Here's When to Expect the iOS 26 Public Beta

Tuesday July 15, 2025 11:07 am PDT by
Apple previously announced that a public beta of iOS 26 would be available in July, and now a more specific timeframe has surfaced. Bloomberg's Mark Gurman today said that Apple's public betas should be released on or around Wednesday, July 23. In other words, expect the public betas of iOS 26, iPadOS 26, macOS 26, and more to be available at some point next week. Apple will be releasing...
iPhone 17 Pro Dark Blue and Orange

Ranked: The Best Features Rumored for the iPhone 17 Lineup

Wednesday July 16, 2025 4:17 pm PDT by
We have just under two months to go until the debut of Apple's iPhone 17 models, and rumors have been ramping up in recent weeks. We went through everything we know so far, pulling out the most exciting rumors and highlighting some other changes that aren't going to be so great. Top Tier Ultra Thin iPhone 17 Air - The iPhone 17 Air is 2025's most exciting iPhone rumor, because it's the...
Foldable iPhone 2023 Feature Homescreen

Foldable iPhone's Thickness and Price Range Detailed in New Reports

Wednesday July 16, 2025 11:31 am PDT by
Apple's long-rumored foldable iPhone will likely have a starting price between $1,800 and $2,000 in the U.S., analysts at investment banking firm UBS said this week. If so, the foldable iPhone would cost more than a MacBook Pro, which starts at $1,599. With a starting price of at least $1,800, the foldable iPhone would be the most expensive iPhone model ever released, topping the Pro Max at...
iPhone 17 Pro in Hand Feature Lowgo

iPhone 17 Pro Coming Soon With These 16 New Features

Friday July 11, 2025 12:40 pm PDT by
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are only two months away, and there are plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models. Latest Rumors These rumors surfaced in June and July:A redesigned Dynamic Island: It has been rumored that all iPhone 17 models will have a redesigned Dynamic Island interface — it might ...
Apple Watch Ultra 2 Complications

Apple Watch Ultra 3: What to Expect

Sunday July 13, 2025 10:30 am PDT by
The long wait for an Apple Watch Ultra 3 is nearly over, and a handful of new features and changes have been rumored for the device. Below, we recap what to expect from the Apple Watch Ultra 3:Satellite connectivity for sending and receiving text messages when Wi-Fi and cellular coverage is unavailable 5G support, up from LTE on the Apple Watch Ultra 2 Likely a wide-angle OLED display that ...

Top Rated Comments

awer25 Avatar
24 weeks ago
Help us Genmoji, you're our only hope!
Score: 29 Votes (Like | Disagree)
canadianreader Avatar
24 weeks ago

Apple told Bleeping Computer ('https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/') that it has not yet patched the flaws. "We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats," Apple said. "Based on our analysis, we do not believe this issue poses an immediate risk to our users."
They're too busy fixing Apple Intelligence.
Score: 24 Votes (Like | Disagree)
centauratlas Avatar
24 weeks ago
"we do not believe this issue poses an immediate risk to our users." That may have been true but now that it was published in the two papers that Bleeping links to I would suspect that would change. Apple should have patched these. Reminds me of Meltdown and Spectre.
Score: 22 Votes (Like | Disagree)
DeftwillP Avatar
24 weeks ago
It's ok guy, siri's got this.

"hey siri, load the patch from apple for the newest exploit"
"I couldn't find that person in your contacts"
Score: 20 Votes (Like | Disagree)
Apple Knowledge Navigator Avatar
24 weeks ago
Have they patched the other FLOP?
Think it’s called Apple Intelligence.
Score: 20 Votes (Like | Disagree)
Razorpit Avatar
24 weeks ago

They're too busy fixing Apple Intelligence.
Maybe we can have Apple Intelligence write a patch! What could go wrong? ?
Score: 12 Votes (Like | Disagree)