Introduction: iOS 26 in March 2026

iOS 26, released on September 15, 2025, revolutionized the user experience with Liquid Glass and Apple Intelligence. But in March 2026, the attack surface remains a major concern for security experts. Each new feature mechanically expands the system's attack surface [1].

Note: No official public data from Apple precisely quantifies the rate of security incidents on beta versus stable versions. Caution is advised: use a dedicated device for beta testing.

Security Timeline

Apple Intelligence: AI Security

On-device processing minimizes leaks, but Prompt Injection attacks attempt to bypass Siri's instructions to perform unauthorized actions. An independent security analysis published in June 2025 by CyCraft tested Apple's on-device model.

🔬 Red team results (CyCraft, June 2025): Out of 196 injection attempts, Apple's on-device model blocked 70.4% of attacks, outperforming several comparable models like Llama-3.2 (55.1%) and GPT-4.1-nano (69.5%). However, 26% of optimized prompts produced technically detailed responses potentially exploitable.

⚠️ Reminder: The EAL6+ certification of Apple Secure Enclave chips does not protect against prompt injection attacks. These vulnerabilities exploit weaknesses in language models, not cryptographic hardware.

Liquid Glass & Hardware Risks

The Liquid Glass design multiplies transparency effects and GPU animations via Apple's Metal engine. This graphical sophistication increases rendering complexity.

❌ Correction — iLeakage is NOT linked to Liquid Glass: iLeakage (disclosed in October 2023, ACM CCS) is a speculative execution attack targeting Apple Silicon CPUs via Safari's JavaScript engine, with no connection to the Liquid Glass design or GPU rendering effects.

✅ No published CVE vulnerability to date explicitly ties Liquid Glass to data extraction via GPU side channels.

⚠️ Persistent hardware threats: SLAP and FLOP (January 2025)

In January 2025, researchers unveiled two new side-channel attacks, SLAP and FLOP, directly targeting Apple Silicon processors. These hardware vulnerabilities remain relevant and affect all iOS versions, including iOS 26 [18].

Apple's response: The company thanked the researchers but stated they do not consider these issues to pose "an immediate risk" to users. No complete fix has been deployed to date. Temporary mitigation: disable JavaScript in Safari.

Recent Vulnerabilities

The original descriptions of CVE-2025-24200 and CVE-2025-24201 were incorrect. Below are the official data consistent with Apple and NIST bulletins.

✅ Status in iOS 26: These two vulnerabilities were fixed several months before the public launch of iOS 26 (September 2025). Any device up-to-date since March 2025 was already protected.

Real vulnerabilities that appeared in iOS 26 (post-release)

Since the public release of iOS 26 in September 2025, Apple has fixed actively exploited vulnerabilities, notably in iOS 26.2 (December 12, 2025):

Both WebKit flaws were actively exploited in "extremely sophisticated" mercenary spyware attacks. CVE-2025-14174 also affected Google Chrome (via the ANGLE component).

📊 iOS 26 adoption — A major risk factor

As of January 2026, only 16% of active iPhones were running an iOS 26 version, of which barely 4.6% on iOS 26.2 (the version containing critical fixes). Resistance to the Liquid Glass design explains this unusually slow adoption. Consequence: the vast majority of users (about 80%) remain on iOS 18, exposed to a growing stock of unpatched flaws and without the enhanced memory protections (Memory Integrity Enforcement) exclusive to iOS 26.

Privacy and Dependencies

The integration of Apple Intelligence with third-party services like ChatGPT (OpenAI) introduces outbound data flows that deserve attention. Apple has implemented a Private Cloud Compute architecture for delegated AI requests, but the shared data surface remains to be monitored.

🔑 Third-party software dependencies: iOS beta apps often integrate preliminary framework versions. It is recommended to regularly audit published CVEs for third-party SDKs used in apps installed via TestFlight (especially AI and networking frameworks).

SafeITExperts Recommendations

To ensure the integrity of your professional data under iOS 26:

• 📱 Dedicated device: Never install the beta on your primary device. Use a secondary iPhone reserved for testing.
• 🔑 Two-factor authentication: Enable two-factor authentication on your Apple ID — essential at all times.
• 📦 Check TestFlight: Carefully verify the source of every TestFlight invitation before installing an app.
• 💳 Monitor Apple Pay: Enable transaction notifications and regularly check your statements.
• 🔄 Update promptly: Apply every security update as soon as it's available — WebKit zero-days are regularly exploited.
• 🔒 Lockdown Mode: For high-risk profiles, enable Apple's Lockdown Mode.

Conclusion: A Fragmented Security Landscape

iOS 26 embodies Apple's quest for a unified and intelligent mobile experience, but early adoption via the beta exposed users to increased risks. Since its public release, the security cycle has been active: three major updates in four months, two WebKit zero-days exploited in mercenary spyware attacks.

🔮 The good news: Updating to iOS 26.2 or later fixes all known vulnerabilities and adds unprecedented memory protections.

🔮 The bad news: With only 16% of compatible devices on iOS 26 and 4.6% on iOS 26.2 as of January 2026, the vast majority of users remain exposed to a growing stock of unpatched flaws.

⚠️ The new challenge: Hardware attacks like SLAP and FLOP remind us that some vulnerabilities persist at the silicon level and cannot be fully corrected by software alone.

« Absolute security does not exist — only a dynamic balance between features and risks. The quality of an analysis lies in the accuracy of its sources. » — SafeITExperts

Technical Glossary

Sources and References