Talking about security issues: A team at Google called Project Zero discovered a massive Day Zero (hence the name) exploit in iOS. Day Zero means that the vulnerability was previously unknown to the public and even the software publisher itself. In this case, Project Zero found out that visiting an infected website with your iPhone allowed hackers to install monitoring software on your device.
There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.
This is pretty bad news, because iOS was thought to be a very secure operating system with especially tight security restrictions. Turns out, there are many examples to be found in the iOS code base that are the result of bad programming and even worse QA.
we’ll see cases of code which seems to have never worked, code that likely skipped QA or likely had little testing or review before being shipped to users.
Luckily for you, these vulnerability are long patched by Apple, after Google let them in on their little secret. Additionally, these infected websites were mostly targeted at Uyghur muslims, and got probably hacked by Chinese state hackers.
Still, it’s scary to learn that there is probably no real safety whatsoever. The only thing you can do is to make sure to update your devices with the latest software available.