Overview
- Apple confirmed a WebKit flaw used in highly targeted attacks and released fixes in iOS 26.2 and iOS 18.7.3.
- Users not on these versions are instructed to power off or restart their iPhones immediately as a temporary mitigation.
- Reporting cites data indicating roughly half of eligible iPhones have not upgraded, extending the window of vulnerability.
- iOS 26.2 addresses 27 security issues, and its full protections are limited to supported models listed by Apple.
- The primary issue, tracked as CVE-2025-14174, could enable arbitrary code execution via malicious web content, according to Apple.