Apple Zero-Day Vulnerability Actively Exploited in Sophisticated Targeted Attacks - cyberpress.org

Apple Zero-Day Vulnerability Actively Exploited in Sophisticated Targeted Attacks By AnuPriya February 12, 2026 Categories: Cyber Security NewsCybersecurityVulnerabilityZero-day Apple has rushed out emergency security updates for iOS and iPadOS to address a critical zero-day vulnerability that is currently under active attack. Tracked as CVE-2026-20700, this flaw was flagged by Google’s Threat Analysis Group. Apple labels it part of “extremely sophisticated” cyberattacks targeting specific high-profile individuals, such as activists or journalists. The Core Problem: A dyld Memory Corruption Flaw At the heart of this issue sits dyld, Apple’s Dynamic Link Editor, a key system component that loads apps and libraries. The bug triggers memory corruption, where the system mishandles data storage. This creates a dangerous opening for attackers. In tech terms, it allows “arbitrary code execution.” Hackers can inject and run malicious code remotely, bypassing safeguards. Imagine a poisoned app link: clicking it lets attackers install spyware, steal contacts, or snoop on messages without you noticing. Apple rarely discloses active exploits, but they confirmed this one’s in the wild, possibly chained with older flaws like CVE-2025-14174 and CVE-2025-43529. Attackers likely use a browser entry point to trigger the dyld bug, seizing full device control. This zero-day hits iPhone 11 and later models, plus iPads like Pro (2018+), Air (3rd gen+), and mini (5th gen+). No older devices escape if running vulnerable iOS/iPadOS versions. The iOS 26.3 and iPadOS 26.3 updates go further, squashing multiple threats: CVE ID Component Type Severity Description CVE-2026-20700 dyld Memory Corruption Critical Enables arbitrary code execution; actively exploited. CVE-2025-14174 WebKit Use-after-free High Browser sandbox escape; chained in attacks. CVE-2025-43529 Kernel Privilege Escalation High Elevates app access to root level. CVE-2026-20701 Bluetooth Denial of Service Medium Nearby attackers crash devices. CVE-2026-20702 Wi-Fi Traffic Interception High Exposes network data. CVE-2026-20703 Photos Info Disclosure Medium Leaks data on locked devices. These patches block kernel root access, fix Bluetooth/Wi-Fi crashes or snooping, and secure Photos/Contacts from unauthorized peeks even on locked screens. Zero-days like this thrive in spyware campaigns, such as those from nation-state actors. Chaining bugs amplifies damage: one cracks the door, dyld kicks it wide open. Security firms like Google TAG spotted it via real-world targeting, underscoring the urgency. Apple urges immediate action. Head to Settings > General > Software Update, tap “Download and Install” for iOS/iPadOS 26.3. Enable auto-updates to stay ahead. No user interaction is needed for the exploit, so unpatched devices remain at risk. This incident highlights Apple’s cat-and-mouse game with elite hackers. Past zero-days hit NSO Group’s Pegasus; this could signal similar tools. Stay vigilant; updates are your best defense. Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google. Share Facebook Twitter Pinterest WhatsApp AnuPriya Any Priya is a cybersecurity reporter at Cyber Press, specializing in cyber attacks, dark web monitoring, data breaches, vulnerabilities, and malware. She delivers in-depth analysis on emerging threats and digital security trends. Recent Articles Google Chrome Update Fixes 26 Security Flaws, Including RCE Vulnerabilities Cyber Security News March 20, 2026 Critical UNISOC T612 Modem Flaw Enables RCE via Cellular Calls Cyber Security News March 20, 2026 Fake Tools Fuel Vibe-Coded Malware Campaign Targeting Unsuspecting Users cryptocurrency March 20, 2026 Cobra DocGuard Hijacked By Speagle Malware For Sensitive Data Theft APT March 20, 2026 ScreenConnect Deployed via SILENTCONNECT Using VBScript and PEB Masquerading Cyber Security News March 20, 2026 Related Stories Cyber Security News Google Chrome Update Fixes 26 Security Flaws, Including RCE Vulnerabilities AnuPriya - March 20, 2026 Cyber Security News Critical UNISOC T612 Modem Flaw Enables RCE via Cellular Calls AnuPriya - March 20, 2026 cryptocurrency Fake Tools Fuel Vibe-Coded Malware Campaign Targeting Unsuspecting Users Varshini - March 20, 2026 APT Cobra DocGuard Hijacked By Speagle Malware For Sensitive Data Theft Varshini - March 20, 2026 Cyber Security News ScreenConnect Deployed via SILENTCONNECT Using VBScript and PEB Masquerading Varshini - March 20, 2026 APT Russian APT Exploits Zimbra XSS In GhostMail Attacks On Ukrainian Government Varshini - March 20, 2026 LEAVE A REPLY Comment: Name:* Email:* Website: