How iOS 26.2 Fixes Huge Cyber Flaws & Thwarts iPhone Spyware

When Apple released iOS 26.2 update, it was with a warning: “update your iPhone now” – not because of all the fuzz about liquid glass, but for two big, buggy reasons. 

The Apple iOS 26.2 patches 26 flaws, two of which the company says are currently being exploited by attackers. 

iPhone security update iOS 26.2 includes patches for vulnerabilities in WebKit, which powers the Safari browser and iOS applications, making this update critical. 

“These flaws allowed malicious web content to execute arbitrary code on vulnerable devices,” says Moshe Levi, Global Manager of the Checkpoint PT Team. 

“Since WebKit powers Safari and many iOS applications, the potential impact is significant.

“Apple confirmed that the vulnerabilities were exploited in the wild, making this update a high-priority patch for all users," he says.

“Update all devices to iOS 26.2 immediately and stay alert for emerging proof-of-concept details from trusted security feeds.

“Keep your device up to date first – save the 'how much battery does it consume?' questions for later.”

iOS 26.2 fixes active spyware exploits on iPhones

Apple confirmed that its devices are being targeted by stealthy malware, as the iPhone maker warned users in 80 countries by sending out cyber threat notifications.

In lieu of scammers using threat notifications as a form of phishing attack, the company notes that Apple threat notifications will never ask users to click links, open files, install apps or ask for account passwords or verification code. 

The WebKit related CVE-2025-43529 and CVE-2025-14174 vulnerabilities patched by iOS 26.2 will prevent iPhones from being exploited by extremely targeted malwares such as Pegasus and Predator that were used to spy on dissidents, journalists and certain businesses. 

By moving to the latest version of iOS and by using Apple’s Lockdown Mode, users can prevent being hit by malware.

Device lags, overheating and presence of apps that users did not install may signal that your device has been affected by malware.

Apple kernel and payment token vulnerabilities patched

CVE-2025-46285 is an iPhone Kernel vulnerability that allows malicious apps to gain root privileges was rooted out in the 26.2 security upgrade. 

Other severe issues that could allow certain applications to access sensitive payment tokens that would expose financial data were also fixed in this upgrade. 

The company says these vulnerabilities may have been used by cyber criminals as part of a wider attack chain. 

Once security patches are released, attackers can easily go on the offensive against users who haven’t upgraded their software to incorporate the new patches, making it imperative that users do update to the latest secure version as soon as possible. 

“Users should update now from their phone’s settings – and not via links or popups – and encourage their friends and family to do the same,” says Javvad Malik, Lead CISO Advisor at KnowBe4.

The number of crucial vulnerabilities patched by the iOS 26.2 update, highlights the need to be up to date with the latest security releases, as remaining on an old version stands as an invite for attackers looking for open doors into your systems.