Last week Apple rolled out a patch for iOS that closed a security flaw that could give attackers control over a device by having a user click a single link. Now, Apple is patching the same hole in the Safari web browser on the desktop, with new updates for the browser as well as OS X Yosemite and El Capitan. Lookout Security and Citizenlab identified the flaw based on a link sent to a human rights activist, and believe the "cyber war" organization NSO Group was selling the exploit to governments like the UAE.