Apple is under attack once again, with the tech giant warning millions of customers to be on high alert for a 'sophisticated' hack that's affecting iPhones. 2026 is already off to a rocky start in terms of cybersecurity, and considering how many of us use our phones as personal diaries, work computers, and even banks, an assault on our iPhone privacy could have a devastating effect on our lives.
When you're spending hundreds (if not thousands) on a new iPhone, and entrusting so much of your life to Apple, it's no surprise the company puts a lot of time and energy into cybersecurity.
This latest issue comes after Apple warns around 50% of its 1.8 billion users haven't updated their devices to the latest iOS 26 software. As ever, the company is reminding us that you should have the latest software installed because it includes patches against new vulnerabilities.
The sophisticated attacks are said to use zero-click exploits that let hackers take control without clicking a link or even opening a file.
Advert
When a device is infected, these bad actors are able to skim your personal data, track your location, and access cameras or microphones. At the core of this, many are committing financial fraud.
According to Malwarebytes, all iPhone users should immediately restart and update their devices to ensure they have the latest security update installed.
On December 12, 2025, Apple was able to patch two WebKit zero‑day vulnerabilities that were linked to mercenary spyware. In the aftermath, it's been pushing those who own an iPhone 11 or later toward iOS 26+.
Advert
Researchers at Malwarebytes explained: "What many people don’t realize is that when you restart your device, any memory-resident malware is flushed, unless it has somehow gained persistence, in which case it will return.
"High-end spyware tools tend to avoid leaving traces needed for persistence and often rely on users not restarting their devices."
WebKit is crucial to powering Apple's Safari browser and numerous other iOS applications, meaning it's a 'big attack surface' to leave exposed to such risky behaviour.
The outlet reiterates that while attackers start by targeting diplomats, journalists, and executives, malware is repurposed to put the general public in their crosshairs. This means everyone is in danger of becoming a victim.
Advert
Due to complaints involving the Liquid Glass update and a general feeling that some don't want to upgrade to iOS 26 amid all the typical complaints that updates lead to battery drain and the like, the adoption of the latest iOS has been 'unusually slow'. Worringly, it's said that as of January 2026, only around 4.6% of active iPhones are on the new iOS 26.2, with just 16% using any version of iOS 26.
We're also reminded about the importance of restarting your device because it flushes out any memory-resident malware unless it's gained persistence. Malwarebytes stated: "High-end spyware tools tend to avoid leaving traces needed for persistence and often rely on users not restarting their devices."
In terms of staying safe, we're told to restart your device on a regular basis a weekly. The NSA suggests you do it once a week.
Advert
Elsewhere, don't open unsolicited links and attachments without knowing they're from a trusted sender. An easy way to remember this is that Apple threat notifications won't ask you to click links, open files, install apps, or ask for account passwords/verification codes.
Finally, if you consider yourself a high-value target or simply want an extra level of security, you might want to think about Apple’s Lockdown Mode.