Apple has warned iPhone users that they are at risk from "mercenary spyware attacks" that can steal data without the victim clicking anything or even opening a suspicious link.
According to the company, the risk falls mainly on users who have not updated their phones to the latest version of the iOS 26 system.
This update contains advanced security improvements that protect against vulnerabilities that hackers have used in real-world attacks. Specifically, they exploited hidden vulnerabilities in the part of the iPhone that handles web browsing, called WebKit.
WebKit is the engine used by Safari and other iPhone apps. Vulnerabilities in older versions of the system allowed hackers to execute malicious code simply by getting the phone to process maliciously crafted web content.
This type of attack is called "zero-click" because it does not require victims to open suspicious emails or click on any malicious links.
Apple has confirmed on its support pages that these vulnerabilities have been exploited in highly sophisticated spyware campaigns, mainly targeting journalists, activists and politicians.

But the company warned that these mercenary attacks are global and ongoing, meaning that about a billion iPhone users who don't use iOS 26 are exposed to cyberattacks, including those that cannot be predicted.
How to protect yourself: Apple recommends downloading iOS 26 or 26.2 and immediately restarting your iPhone to eliminate any hidden malware. Leaving a phone on an older version means losing all of these security improvements, as Apple no longer offers updates for older versions.
This includes iOS 18, which was released in September 2024 and was the last update before iOS 26.
Apple warned: "The extreme cost, sophistication and global nature of mercenary spyware attacks make them some of the most advanced digital threats existing today."
The company did not reveal the names of specific hacking groups, but stressed that the attackers are extremely well-funded and sometimes trick victims by sending them fake messages that look like urgent notifications from Apple.
Apple clarifies: “Threat notifications will never ask you to click links, open files, install apps, or provide your Apple Account password or verification code.”
Hackers have exploited zero-day vulnerabilities, hidden flaws in the iPhone system that attackers discover and use before Apple can issue a fix. This allows them to send messages or links designed to trigger the vulnerability automatically, without requiring the user to click on anything.
The spyware installs itself in the background, giving hackers complete control to execute commands, hide their activity, and make the spyware appear as a normal application. This allows them to steal messages, emails, photos, videos, passwords and location data, or to record calls, in real time.
The iOS 26 and 26.2 updates strengthen iPhone security by patching hidden zero-day vulnerabilities in WebKit and the kernel, as well as fixing issues with FaceTime, Messages, Photos, the Apple App Store, and Screen Time.
However, as of January 2026, only 16% of iPhone users have downloaded any version of iOS 26, according to Malwarebytes Labs.
Apple also points out that phones older than the iPhone 11 are not compatible with iOS 26, including models like the iPhone XR, XS, XS Max, X, 8 and older. /GazetaExpress/