Apple has issued a warning to iPhone users about the risk of ‘mercenary spyware attacks’ that can pilfer data without requiring the user to click on any dubious links.

According to the tech behemoth, this threat is primarily due to a significant number of users not upgrading to the latest software version, iOS 26.

This update includes enhanced security features to combat new vulnerabilities that hackers have reportedly exploited in actual attacks. In particular, they have taken advantage of subtle weaknesses within the iPhone’s web browsing component, WebKit.

WebKit, the engine behind Safari and other iPhone applications, has vulnerabilities in older systems that allow hackers to execute malicious code on a device by simply luring it into loading tainted web content.

Such breaches are often termed ‘zero-click’ attacks because they do not require the victim to open a suspicious email or click on harmful links once the system is compromised.

Apple has acknowledged on its support pages that these flaws in outdated iPhone software have been exploited in highly targeted and advanced spyware operations, primarily directed at journalists, activists, and politicians.

However, the company warned that these mercenary attacks were ‘global and ongoing,’ meaning the roughly one billion iPhone users not using a version of iOS 26 are at risk of cyberattack, including ones that users can’t see coming.

Apple said that the remedy is to download either the iOS 26 or iOS 26.2 operating system updates and then restart the iPhone immediately to potentially clear out any hidden malware.

Apple has urged all Apple iPhone users to immediately update to their new iOS 26 operating system 

Apple added that leaving iPhones patched with older software means users are missing the fixes entirely, since Apple stopped providing security updates for those versions on newer phones.

This includes iOS 18, which was released in September 2024 and was the last major operating system update for the iPhone before iOS 26 was introduced last year.

‘The extreme cost, sophistication, and worldwide nature of mercenary spyware attacks make them some of the most advanced digital threats in existence today,’ Apple warned in a statement.

Apple refused to name specific cyberterrorist groups or other known actors engaged in hacking as part of the widespread threat targeting iPhone users.

However, the tech giant claimed that the cybercriminals carrying out the hacks were ‘exceptionally well funded’ and were even tricking some victims into believing they had been sent an urgent message from Apple, warning of suspicious account activity.

‘Apple threat notifications will never ask you to click any links, open files, install apps or profiles, or provide your Apple Account password or verification code by email or on the phone,’ the company wrote in April 2025.

Hackers have reportedly been taking advantage of hidden flaws in the iPhone’s software. This is known as zero-day exploits and means that criminals know about the flaws before Apple does and can devise a fix.

This allows them to send specially crafted messages or links that trigger the vulnerability automatically without users needing to click or open anything, like a door they force open using code designed to match the exact weakness in iOS.

Less than 20 per cent of all iPhone users are reportedly using iOS 26, which protects devices from the latest cyberattacks (Stock Image)

When it comes to certain threat actors targeting specific targets, such as politicians and journalists, the hackers might have learned their iPhone was vulnerable by first gathering information about the device through fake Apple alerts that prompted victims to reveal their current iOS version.

Once inside, the spyware installs itself quietly in the background, giving hackers full remote control to run commands, hide their activity, and pretend to be a normal app or process running in the background of the iPhone.

This allows hackers to steal a wide range of personal data, copying text messages, emails, photos and videos. Cybercriminals can hack into an iPhone and even record calls, keystrokes, password  or location data in real-time.

The new iOS 26 updates, including the latest version 26.2, add stronger security shields to the iPhone by fixing the hidden zero-day bugs in the software.

Apple has noted that iOS 26 fixes several key parts of WebKit and the Kernel, the core ‘brain’ that controls how the phone runs everything.

It also fixes problems with FaceTime, Messages, Photos, the Apple App Store, and Screen Time. The fixes work by adding better checks, stronger memory handling and better website validation checks, which keep out malicious web pages.

As of January 2026, however, Malwarebytes Labs reported that only 16 percent of all iPhone users have downloaded any version of iOS 26.

Apple has also noted that iPhones older than the iPhone 11 series are not compatible with iOS 26. This includes models like the iPhone XR, iPhone XS, iPhone XS Max, iPhone X, iPhone 8 and anything older than that.