New Delhi: India’s top cybersecurity agency, the Indian Computer Emergency Response Team (Cert-In), has issued a serious warning for users of Apple devices. According to the advisory, multiple high-severity vulnerabilities have been found in several Apple products, which could allow cybercriminals to gain unauthorized access to users’ devices.
As per Cert-In, these flaws enable attackers to carry out “remote code execution”—meaning they can infiltrate a device without the user’s knowledge and take full control. This could lead to theft of sensitive data and compromise both the security and functionality of the device.
Which Devices and Versions Are at Highest Risk
The agency has clarified that older versions of iOS and iPadOS, particularly those prior to version 26.4, are most vulnerable to these threats. Devices that have not been updated with the latest security patches are especially at risk and could become easy targets for cyberattacks.
FCRF Launches Premier CISO Certification Amid Rising Demand for Cybersecurity Leadership
Experts say attackers can exploit these vulnerabilities to bypass built-in security layers. Once inside, they can access personal files, photos, banking details, login credentials, and passwords. This makes timely software updates not just important, but essential.
From Data Theft to Device Crash—Multiple Risks Involved
Cert-In has highlighted that these vulnerabilities could lead to a range of cyberattacks, including data theft, denial-of-service (DoS) attacks, spoofing, and memory corruption.
Cybercriminals may use these flaws to slow down devices, crash applications repeatedly, or even render the entire system unusable. This poses serious risks not only to individual users but also to professionals and businesses where sensitive data could be exposed or misused.
Chrome and Mozilla Users Also on Alert
The advisory is not limited to Apple alone. Cert-In has also identified critical vulnerabilities in Google Chrome and products from Mozilla. These issues, particularly in desktop browsers, could further expose users to cyber threats.
This indicates that the risk is widespread and not confined to a single platform. Anyone using internet-connected devices must remain cautious and proactive about cybersecurity.
Rising Threat of Spyware Attacks
Earlier, Apple had also issued warnings to selected users worldwide about potential “mercenary spyware” attacks. These attacks are far more advanced than typical cyber fraud and involve significant resources to target specific individuals.
Apple noted that such attacks are highly sophisticated, often costly, and short-lived, making them difficult to detect and prevent. However, the company also stated that the majority of regular users are unlikely to be targeted by these high-end attacks.
What Cyber Experts Say
Commenting on the issue, renowned cybercrime expert and former IPS officer Prof. Triveni Singh said,
“Cybercriminals are no longer limited to social engineering scams. They are now exploiting technical vulnerabilities to directly infiltrate devices. Users must prioritize regular updates and adopt strong cyber hygiene practices to stay protected.”
What Users Should Do—Immediate Steps to Stay Safe
Cybersecurity agencies have advised users to follow these essential precautions:
- Update your iPhone, iPad, and Mac to the latest software version immediately
- Avoid clicking on unknown links, emails, or attachments
- Use only trusted apps and official websites
- Enable strong passwords and two-factor authentication
- Regularly check for and install security updates
Vigilance Is the Only Defense in a Growing Cyber Threat Landscape
The best defense for users is awareness—keeping devices updated, staying alert to suspicious activity, and following basic cybersecurity practices can go a long way in preventing potential attacks.
