The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors.
Apple Security Advisory 2016-03-21-6 - Safari 9.1 is now available and addresses code execution, interface spoofing, denial of service, and various other vulnerabilities.