Apple has issued a stark warning to its global user base, alerting them that iPhones are being targeted by highly sophisticated spyware in a campaign that leaves hundreds of millions of devices vulnerable. The tech giant revealed that the attacks are precise and leverage dangerous 'zero-click' exploits, allowing hackers to seize control without any interaction from the user.
Widespread Vulnerability Due to Slow Update Adoption
The urgency of the warning is compounded by a significant lag in software updates. As of January 2026, adoption rates for iOS 26 are hovering between just 16 and 20 percent, meaning the vast majority of the 1.8 billion iPhone users—potentially up to 75%—have not installed the critical security patches. Apple released iOS 26 to the public on September 15, 2025.
Industry experts suggest the reluctance to update stems from user hesitation over the new 'Liquid Glass' visual design language introduced with iOS 26. This interface, featuring translucent and refractive elements, has been criticised by some early adopters as confusing and visually distracting. Many iPhones remain on iOS 18 due to extended security support, but the latest update contains essential defences.
How the Spyware Attacks Work and What's at Stake
The company explained that these are not typical cyber threats. The attacks are described as 'extremely sophisticated' and target specific individuals. The vulnerabilities, classified as zero-day flaws, were found in WebKit—the browser engine powering Safari and all browsers on iOS. Hackers can use malicious websites to trick a device into executing harmful code.
If a device is compromised, the consequences are severe. Hackers could steal personal data, track a user's location in real-time, access cameras and microphones, and commit financial fraud, creating a grave risk to both privacy and security.
Immediate Steps Users Must Take
Cybersecurity researchers are urging users to act immediately. The first step is to restart your device. Experts from Malwarebytes explain that this action flushes out any memory-resident malware, unless it has gained a persistent foothold. They note that high-end spyware often relies on users not restarting their phones to avoid leaving traces.
The crucial second step is to install the latest software update. For users with automatic updates enabled, the patch should already be installed. Others must manually download iOS 26.2 or iPadOS 26.2 by going to Settings, then General, and selecting Software Update.
Apple has also released updates for older systems, including iOS 18.7.3 and iPadOS 18.7.3, alongside patches for macOS, tvOS, watchOS, visionOS, and Safari.
Which Devices Are Most Vulnerable?
The devices most at risk from these specific WebKit flaws include:
- iPhone 11 and all later models.
- iPad Pro 12.9-inch (3rd generation and later).
- iPad Pro 11-inch (1st generation and later).
- iPad Air (3rd generation and later).
- iPad (8th generation and later).
- iPad mini (5th generation and later).
The two critical flaws, identified as CVE-2025-43529 (a use-after-free bug) and CVE-2025-14174 (a memory corruption bug), were discovered by security teams including Apple's and Google's Threat Analysis Group. These zero-day vulnerabilities were unknown to the software creators and could have been exploited before a fix was available.
The latest iOS 26 update not only patches these holes but also strengthens overall security with new defences against online tracking in Safari, blocks on risky wired connections, and enhanced tools to protect users from scam calls and messages.
