iOS 26.2 Addresses Actively Exploited Security Flaws

Apple has released iOS 26.2, concluding days of anticipation around the update’s timing. The release carries significant security importance, addressing more than 20 vulnerabilities, including two that Apple says “may have been exploited in an extremely sophisticated attack.” The update follows recent spyware warnings issued to users worldwide, reinforcing the urgency of installation.

The most critical vulnerabilities affect WebKit, the browser engine that underpins Safari as well as all third-party browsers on iOS, including Chrome, Firefox, and Microsoft Edge. Because WebKit processes web content, it remains a high-value target for attackers seeking remote access through maliciously crafted websites, according to Forbes.

The two flaws, tracked as CVE-2025-43529 and CVE-2025-14174, were disclosed by Google’s Threat Analysis Group. According to Apple, both vulnerabilities could allow memory corruption when handling malicious web content on devices running versions earlier than iOS 26. Security researchers note that the close relationship between the two bugs strongly suggests they were used together, a technique commonly associated with commercial spyware and surveillance operations.

The release timing itself has raised concerns. Apple rarely issues major security updates on a Friday, a move widely interpreted as signaling heightened risk. Earlier in the week, a second release candidate was distributed to beta testers, indicating that late-stage security fixes or stability issues required urgent attention before public deployment.

iOS 26.2 also arrives as Apple continues to push users on older versions, including iOS 18, to upgrade. iOS 26 introduces enhanced scam detection, stronger Safari anti-fingerprinting protections, and new privacy controls. Among them is an AirDrop PIN feature, released amid growing attention on cross-platform attempts to interface with Apple’s proprietary sharing protocol.

Independent security reporting supports Apple’s assessment of the threat. Cyber Press and The Hacker News report that the WebKit vulnerabilities were likely exploited in highly targeted campaigns against specific individuals. Experts believe the flaws may have been part of a chained zero-day exploit designed for espionage or mercenary spyware use.

While Apple has emphasized that the attacks were targeted, security specialists warn such exploits rarely remain limited for long. Once disclosed, they often become valuable tools for a broader range of threat actors.

Given the active exploitation and the potential for wider abuse, installing iOS 26.2 promptly is considered essential for maintaining device security.

* Stories are edited and translated by Info3 *