Apple has released iOS 26.2 with an urgent warning for users to update immediately, following confirmation that critical vulnerabilities in WebKit and the iOS Kernel are being actively exploited by spyware and malicious apps.
The update addresses 26 security flaws, including two zero-day vulnerabilities currently under attack, making this patch a high-priority security measure for all iPhone users.
Why iOS 26.2 Is Critical
Apple confirmed that attackers are exploiting vulnerabilities in WebKit, the engine powering Safari and many iOS applications, to execute arbitrary code via malicious web content. This flaw could enable highly targeted spyware campaigns similar to Pegasus and Predator, which have historically been used against journalists, dissidents, and businesses.
“Since WebKit powers Safari and many iOS applications, the potential impact is significant,” said Moshe Levi, Global Manager of Checkpoint PT Team. “Update all devices to iOS 26.2 immediately.”
Key Vulnerabilities Patched
- CVE-2025-43529 & CVE-2025-14174 (WebKit)
Enable remote code execution via malicious web content - CVE-2025-46285 (Kernel)
Allows malicious apps to gain root privileges - Additional flaws affecting payment token security, preventing exposure of sensitive financial data
Apple warns that these vulnerabilities may have been used as part of complex attack chains, targeting high-value individuals and organizations.
Indicators of Compromise
Signs that a device may be infected include:
- Unexpected device lags or overheating
- Presence of apps not installed by the user
- Unusual battery drain
Apple recommends enabling Lockdown Mode for additional protection against spyware.
Security Guidance for Users
- Update to iOS 26.2 immediately via Settings → Software Update
- Avoid clicking links or pop-ups claiming to offer updates
- Stay alert for phishing attempts mimicking Apple threat notifications
- Encourage friends and family to update promptly
Apple emphasizes that official threat notifications will never request passwords, verification codes, or app installations.
Why Timely Updates Matter
“Once security patches are released, attackers can easily go on the offensive against users who haven’t upgraded,” said Javvad Malik, Lead CISO Advisor at KnowBe4. “Remaining on an old version is an open door for attackers.”
The release of iOS 26.2 underscores the importance of staying current with security updates as attackers increasingly exploit unpatched devices for surveillance and financial theft.
