Apple Updates iPhones After Targeted Attacks
•February 20, 2026
0
Companies Mentioned
Why It Matters
The incident highlights the persistent threat of zero‑day exploits to high‑value targets and underscores the need for rapid cross‑industry collaboration on security disclosures.
Key Takeaways
- •Apple patches dyld memory‑corruption zero‑day (CVE‑2026‑20700).
- •Flaw exploited against specific individuals before iOS 26.
- •Google Threat Analysis Group disclosed vulnerability.
- •Prior patches (CVE‑2025‑14174, CVE‑2025‑43529) addressed related exploits.
- •Incident underscores surveillance firms' reliance on zero‑days.
Pulse Analysis
The newly disclosed CVE‑2026‑20700 exploits a memory‑write weakness in Apple’s dyld, the Dynamic Link Editor that loads executable code on iPhones, iPads, and Macs. By allowing arbitrary code execution, the flaw gives attackers deep system control, a capability that can be weaponized for espionage or data theft. Apple’s swift rollout of patches across its ecosystem demonstrates the company’s commitment to mitigating high‑severity vulnerabilities, especially after the bug lingered unpatched for weeks, exposing a critical window for adversaries.
Google’s Threat Analysis Group played a pivotal role by identifying the flaw and alerting Apple, illustrating how private‑sector threat intel can accelerate remediation. This collaboration is increasingly vital as nation‑state actors and commercial surveillance firms, such as NSO Group, hunt for zero‑days to embed spyware on premium devices. The convergence of multiple CVEs in a single campaign suggests a coordinated effort, raising concerns about the broader market for undisclosed exploits and the ethical responsibilities of both discoverers and vendors.
For enterprises and high‑profile individuals, the episode serves as a reminder that timely software updates are non‑negotiable. Delays in patch deployment can translate into actionable footholds for sophisticated attackers. Organizations should bolster their patch‑management processes, incorporate threat‑intel feeds, and consider layered defenses like runtime integrity monitoring. As Apple tightens its security posture, the industry must continue to prioritize rapid disclosure, cross‑company cooperation, and proactive defense strategies to stay ahead of evolving threat actors.
Apple Updates iPhones After Targeted Attacks
Apple updates iOS, iPadOS, macOS after Google uncovers security flaw being actively exploited to target specific individuals · By Matthew Broersma, February 20 2026, 8:00 am
Apple has issued updates for its iPhone, iPad and Mac operating systems after finding that a previously unknown flaw was used in an “extremely sophisticated” attack.
The issue, tracked as CVE‑2026‑20700, exploits a memory‑corruption problem in dyld, the Dynamic Link Editor used by a range of Apple devices, to allow an attacker with memory‑write capability to execute arbitrary code, Apple said.
Image credit: Unsplash
Zero‑day flaw
Google Threat Analysis Group discovered the issue, which Apple said was used along with two other previously patched flaws to carry out attacks on specific people.
“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26,” Apple said in an advisory.
Apple said the patches it issued in December for the two other flaws, tracked as CVE‑2025‑14174 and CVE‑2025‑43529, were created in response to the same report.
Phone hacking
This indicates that the newly fixed bug was left unpatched for several weeks.
Apple has in the past taken issue with Google over reports of threats to iPhone users that it felt were overstated.
Surveillance firms such as NSO Group typically use zero‑day flaws to install their software on smartphones, including iPhones.
0
Comments
Want to join the conversation?
Loading comments...