Apple Warns 1.8 Billion iPhone Users of “Extremely Sophisticated” Attack

Apple warns iPhone users

Apple has urged iPhone and iPad users to install the latest security updates after confirming two WebKit vulnerabilities were likely exploited in an “extremely sophisticated” attack against specific targeted individuals, with fixes shipped in iOS 26.2/iPadOS 26.2 (released Dec. 12, 2025).

What Apple disclosed

Apple said it is “aware of a report” that the issues “may have been exploited in an extremely sophisticated attack against specific targeted individuals” on iOS versions before iOS 26.
The vulnerabilities sit in WebKit, the browser engine that powers Safari and, on iPhone and iPad, underpins all browsers due to platform rules—meaning a malicious webpage can be enough to trigger risky behavior if the device is unpatched.

The vulnerabilities (what’s patched)

Apple’s security notes for iOS 26.2/iPadOS 26.2 describe two WebKit flaws tied to this warning: CVE-2025-43529 and CVE-2025-14174.
For CVE-2025-43529, Apple warns that processing maliciously crafted web content “may lead to arbitrary code execution,” and notes it was addressed via improved memory management.
For CVE-2025-14174, Apple warns that processing maliciously crafted web content “may lead to memory corruption,” and says it was addressed with improved validation.

Key vulnerability details

CVE Component Apple’s stated impact Apple’s mitigation Credit (as listed by Apple)
CVE-2025-43529 WebKit Malicious web content may lead to arbitrary code execution; may have been exploited in targeted attacks Improved memory management Google Threat Analysis Group (TAG)
CVE-2025-14174 WebKit Malicious web content may lead to memory corruption; may have been exploited in targeted attacks Improved validation Apple and Google Threat Analysis Group (TAG)

Who is affected (and where the fixes are)

Apple shipped the targeted-attack fixes in iOS 26.2 and iPadOS 26.2, available for iPhone 11 and later and a broad range of iPads (including iPad mini 5 and later).
Apple also included the same WebKit fixes in macOS Tahoe 26.2, indicating cross-device exposure where Safari/WebKit are used.

Patch map across Apple platforms

Platform Update containing the WebKit fixes Release date (Apple) Notes
iPhone / iPad iOS 26.2 / iPadOS 26.2 Dec. 12, 2025 Apple ties both CVEs to the “extremely sophisticated” targeted-attack report.
Mac macOS Tahoe 26.2 Dec. 12, 2025 Apple lists the same two WebKit CVEs and the same targeted-attack language.
Mixed environments (tracking/defense) KEV/industry tracking for CVE-2025-43529 Ongoing Threat intelligence listings note CVE-2025-43529 is tracked as actively exploited and appears on CISA’s KEV list. ​

Why this warning matters (the “how” of real-world exploitation)

WebKit bugs are high-value because they can be triggered through web content, which attackers can deliver via links in messages, emails, malvertising, or compromised websites.
Apple’s wording—“specific targeted individuals”—signals the reported exploitation was not described as broad, opportunistic malware, but as selective targeting (without naming victims or attributing an actor).
Separately, threat intelligence tracking notes CVE-2025-43529 is considered actively exploited and is listed by CISA in its Known Exploited Vulnerabilities catalog, which organizations often treat as a high-priority patch signal.​

What users should do now

Apple’s core guidance is to update promptly to the latest software versions that include the security fixes.
On iPhone and iPad, install iOS 26.2/iPadOS 26.2 via Settings → General → Software Update (or the equivalent enterprise-managed update flow).
On Mac, update to macOS Tahoe 26.2 via System Settings → General → Software Update, since Apple includes the same WebKit fixes there as well.

Practical safety checklist (non-speculative)

  • Turn on automatic updates where feasible so security patches land faster.
  • Treat unexpected links as risky even if they appear to come from known contacts, since web-delivered exploits can start with a single tap.
  • If an organization manages Apple devices, prioritize remediation of actively exploited WebKit CVEs tracked in the wider vulnerability ecosystem.​

Final thoughts

Apple’s latest warning centers on two WebKit vulnerabilities that it says were likely used in an “extremely sophisticated” attack against specific targets, with fixes delivered in iOS 26.2/iPadOS 26.2 and macOS Tahoe 26.2.

The immediate takeaway is operational rather than theoretical: applying the updates is the only reliable way to close the known exploited paths described in Apple’s advisories.
For security teams, the fact that CVE-2025-43529 is tracked as actively exploited and appears in CISA-oriented vulnerability prioritization signals a “patch fast” workflow for exposed fleets.​


Subscribe to Our Newsletter

Related Articles

Top Trending

Can LinkedIn Premium See Anonymous Views
Can LinkedIn Premium See Anonymous Views [A Step-by-Step Fact-Checked Guide]
Post-Quantum Cryptography
Post-Quantum Cryptography: A Practical Guide For Nontechnical Leaders
ai slop problem an editor is checking the content
AI Slop Problem: What Working With Online Content Taught Me About Information Quality
midjourney prompts for marketing. Creative director reviewing AI generated brand visuals, showing how Midjourney prompts support professional marketing asset planning.
Top 9 Midjourney Prompts for Marketing Visuals and Stunning Graphics
best apps upper elementary
13 Best Educational Apps for Upper Elementary (Ages 8-11)

Fintech & Finance

Higher 401k Limits Retirement Savers
What Do Higher 401(k) Limits Mean for Retirement Savers in 2026?
ELSS SIP Calculator
ELSS SIP Calculator: Tax Saving + Wealth Building Explained
Tracking Small-Cap Stocks on Fintechzoom.com Russell 2000
Fintechzoom.com Russell 2000: The Complete Guide to Tracking Small-Cap Stocks in 2026
Organizational Bottlenecks and How to Address Them
10 Organizational Bottlenecks: Here’s How to Address Them
Why more Indians are Taking a Rs 50000 Personal Loan for Emergencies and Short-term Needs
Why more Indians are Taking a Rs 50000 Personal Loan for Emergencies and Short-term Needs

Sustainability & Living

Smart Home Sustainability
Smart Home Sustainability: Which Devices Actually Help and Which Ones Just Add Clutter
vote with your wallet
10 Ways to Vote With Your Wallet and Make Every Purchase Count
environment impact of plant-based diet featured image. Plant based meal with legumes, grains, vegetables, and a globe showing the environmental value of sustainable food choices.
The Environment Impact of Plant-Based Diet Choices
Swedish supply chain traceability platforms
6 Swedish Supply Chain Traceability Platforms Transforming Global Industries
Local Climate Actions
11 Local Climate Actions That Compound Beyond One Household

GAMING

Open World Fatigue. Gamer overlooking a vast open world filled with map markers, showing how open world fatigue starts when exploration becomes overwhelming
Open World Fatigue Is Real and AAA Games Caused It
Play to Earn Models Featured Image of a Gamer exploring a futuristic fantasy game economy with digital assets, rewards, characters, and collectible items, helping viewers understand how Play to Earn Models connect gameplay with ownership.
Top 10 Gaming SMEs Specializing in Play to Earn Models in the United States
Crunch Culture Coverup featured image. Exhausted game developer working late in a dark studio, showing how the crunch culture coverup hides the human cost behind AAA game production
The Crunch Culture Coverup Is Gaming’s Ugliest Secret
Mortdog left Riot Games
Mortdog Leaves Riot Games: Is This the End of TFT as We Know It?
Quality Assurance & Game Testing
Top 10 Gaming SMEs Specializing in Quality Assurance & Game Testing in India

Business & Marketing

Best Founder Resources
23 Best Founder Resources: A Practical Guide for Early-Stage Startups
Best Free Courses Aspiring Founders
The 7 Best Free Courses Aspiring Founders Should Take Before Building
best templates founders
11 Best Templates Founders Need to Build Smarter
Enter a new country without legal entity
The Fastest Way to Enter a New Country Without Establishing a Legal Entity
Promotional talent live events
How Promotional Talent Helps Brands Make an Impact at Live Events

Technology & AI

Can LinkedIn Premium See Anonymous Views
Can LinkedIn Premium See Anonymous Views [A Step-by-Step Fact-Checked Guide]
Post-Quantum Cryptography
Post-Quantum Cryptography: A Practical Guide For Nontechnical Leaders
ai slop problem an editor is checking the content
AI Slop Problem: What Working With Online Content Taught Me About Information Quality
midjourney prompts for marketing. Creative director reviewing AI generated brand visuals, showing how Midjourney prompts support professional marketing asset planning.
Top 9 Midjourney Prompts for Marketing Visuals and Stunning Graphics
ChatGPT Prompts for Content Writing. Writer collaborating with an AI assistant to research, organize, and refine content more effectively.
11 ChatGPT Prompts for Content Writing You Must Use

Fitness & Wellness

Electric Massage Ball for Spine Injury
Living With Spine Injury: How to Try an Electric Massage Ball Without Rushing It
A Complete Guide on TheLifestyleEdge com
The Lifestyle Edge: Your Complete Guide to Wellness and Modern Living
Stretching Accessories That Make a Difference
7 Stretching Accessories That Make a Difference for Flexibility, Mobility, and Recovery
air quality wellness devices
13 Air Quality and Wellness Devices Worth Considering for a Healthier Home
habits reduce stress
7 Habits That Reduce Stress Long Term and Feel Calmer Daily