Apple issues warning to all 1.8bn iPhone users over 'extremely sophisticated attack'
Apple has issued a warning to all iPhone users after identifying two major flaws in the system, urging them to update their devices immediately.
Apple has warned all iPhone and iPad users to install the latest updates immediately to safeguard their devices against a critical threat.
The tech giant said two critical flaws were found in WebKit, the browser engine that powers Safari and all browsers on iOS, describing them as part of an 'extremely sophisticated attack' targeting specific individuals.
The risk comes from malicious websites, which could trick your device into executing harmful instructions. That means hackers might be able to take control of your iPhone or iPad or run code without your permission.
For users with automatic updates enabled, the patch should already be installed, while others will need to manually download iOS 26.2 or iPadOS 26.2 through their device settings.
Devices most at risk include the iPhone 11 and later, the iPad Pro 12.9-inch (3rd generation and later), and the iPad Pro 11-inch (1st generation and later).
Other vulnerable models include the iPad Air (3rd generation and later), the iPad (8th generation and later), and the iPad mini (5th generation and later).
The flaws are classified as zero-day vulnerabilities, meaning they were unknown to the software creators and could be exploited by hackers before a patch existed.
Security teams, including Apple and Google's Threat Analysis group, discovered the weaknesses, warning that the bugs could enable potentially devastating cyberattacks.
Apple is urging all its iPhone users to install the latest update after identifying two vulnerabilities
Apple has also released updates for iOS 18.7.3 and iPadOS 18.7.3, macOS Tahoe 26.2, tvOS 26.2, watchOS 26.2, visionOS 26.2, and Safari 26.2.
One issue, called a use-after-free bug, is a memory problem that Apple resolved by improving how the device manages temporary data.
Apple labeled the flaw as CVE-2025-43529.
Another, known as a memory corruption bug, was fixed by adding stricter checks to prevent errors. This one was labeled as CVE-2025-14174.
'For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available,' the tech giant said in a release.
Cybersecurity expert Kurt Knutsson shared how iPhone users can protect themselves from such vulnerabilities.
Knutsson wrote for FOX News that installing updates immediately is crucial because zero-day attacks often rely on catching users off guard with outdated software.