Apple iPhone security flaw leaves millions of devices vulnerable to attacks
NEWYou can now listen to Fox News articles!
Apple’s iPhone is the most popular smartphone in the United States and one of the most used devices in the world. An estimated 1.6 billion people use an iPhone every day. This massive user base also makes the platform a prime target.
In recent weeks, Apple has issued warnings about a serious security breach. New data suggests the risk could affect around half of all iPhone users.
This currently puts hundreds of millions of devices at potential risk.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.
WHATSAPP WEB MALWARE AUTOMATICALLY SPREAD BANKING TROJAN
Apple is warning iPhone users about a serious security flaw in Safari that could leave hundreds of millions of devices vulnerable if updates are delayed. (Thomas Truutschel/Photo Library via Getty Images)
What Apple discovered in Safari and WebKit
Late last month, Apple confirmed two critical vulnerabilities in WebKit. WebKit powers Safari and all browsers running on iOS. According to Apple, the flaws were used as part of a highly sophisticated attack targeting specific individuals. The issue allowed malicious websites to trick iPhones and iPads into running harmful code. Once this happens, attackers could take control of the device, steal passwords or access payment information. Simply put, visiting the wrong website could have been enough.
Why millions of iPhones are still exposed
Apple moved quickly to release a fix. The fix is included in the latest software update. The problem is that many people haven’t installed it yet. Estimates suggest that around 50% of eligible users have not upgraded from iOS 18 to iOS 26. This would leave around 800 million devices vulnerable worldwide. Data from StatCounter paints an even worse picture. It is estimated that only 20% of users have updated so far. Once security details become public, the risk increases quickly. Attackers know exactly what to exploit.
iPhone and iPad models most at risk
Apple says the following devices are affected if they are not updated:
- iPhone 11 and later
- iPad Pro 12.9-inch 3rd generation and later
- iPad Pro 11-inch 1st generation and later
- iPad Air 3rd generation and later
- iPad 8th generation and later
- iPad mini 5th generation and later
If your device appears in this list and you haven’t updated it, it is vulnerable.
INSTAGRAM PASSWORD RESET SURGE: PROTECT YOUR ACCOUNT
New data suggests that nearly half of all iPhone users worldwide could still be exposed to a critical WebKit exploit, which Apple says has been actively used in attacks. (Jakub Porzycki/NurPhoto via Getty Images)
Why Upgrading is the Only True Protection
There is no setting to reverse or any safe browsing habits that solve this problem. The vulnerability lies deep in the browser engine. Security experts say there are no workarounds or user behaviors that can significantly reduce the risk. Installing the latest software is the only effective defense. Apple is no longer offering a security update only for users who want to stay on iOS 18. Unless your device can’t run iOS 26, the fix is only available through iOS 26.2 and iPadOS 26.2.
Steps to Update Your iPhone or iPad Now
Updating is quick and generally painless. If automatic updates are enabled, the patch may already be installed.
Otherwise, follow these steps:
- Open it Settings app on iPhone
- Faucet General
- Select Software update
- Download and install iOS 26.2 or iPadOS 26.2 or later
Make sure your device is connected to Wi-Fi and has sufficient battery life or is plugged in.
Pro Tip: Use Powerful Antivirus Software
Keeping your iPhone up to date is essential, but it shouldn’t be your only line of defense. Powerful antivirus software adds another layer of protection by scanning for malicious links, blocking risky websites, and alerting you to suspicious activity before damage is done.
This is even more important when attacks rely on compromised websites or hidden browser exploits. Security software can help you detect passing threats and give you additional visibility into what’s happening on your device.
Think of it as backup protection. Software updates close known vulnerabilities, while powerful antivirus tools help guard against the next one.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android, and iOS devices at Cyberguy.com.
Fake error popups spread malware quickly
Apple says malicious websites could exploit a Safari flaw to steal passwords or payment information from unpatched iPhones and iPads. (David Paul Morris/Bloomberg via Getty Images)
Kurt’s Key Takeaways
Apple rarely uses language like “extremely sophisticated” unless the threat is serious. This flaw shows how even trusted browsers can become avenues of attack when updates are delayed. Waiting weeks or months to update now has real consequences. If you use your iPhone for banking, shopping, or working, this update should be considered urgent.
How long do you usually wait before installing major iPhone updates, and is the delay still worth the risk? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.
Copyright 2026 CyberGuy.com. All rights reserved.
