Spyware Alert: Apple Fixes Critical Zero-Day CVE-2026-20700 Exploited in “Sophisticated” Attacks

Apple has disseminated urgent security remediations to neutralize a zero-day vulnerability already weaponized in targeted offensives against select individuals. The corporation characterized the breach as an “exclusively sophisticated” operation meticulously engineered for specific targets.

The flaw, cataloged as CVE-2026-20700, resides within the dynamic library loading component utilized across all primary Apple operating systems. This defect facilitates arbitrary code execution should an adversary successfully manipulate memory write capabilities. Consequently, triumphant exploitation grants an antagonist absolute command over systemic instructions.

Apple’s security bulletin elucidates that this vulnerability was part of an exploit chain involving two previously patched flaws from December—CVE-2025-14174 and CVE-2025-43529. All three vulnerabilities have surfaced within the same tactical incidents. Nevertheless, the firm remains reticent regarding the technical intricacies of the incursion and the precise methodology of infiltration.

The discovery is attributed to Google’s Threat Analysis Group (TAG). At present, further supplementary data regarding the exploitation sequence remains undisclosed to the public.

These critical remediations are now accessible for iPhone models commencing with the iPhone 11, various iPad Pro, Air, and mini iterations, and Mac computers running the contemporary macOS Tahoe architecture. The patches have been integrated into the releases of iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3.

Despite the surgical nature of these assaults, users are urged to expedite the installation of these updates. This marks the inaugural zero-day vulnerability resolved by Apple in 2026, following the remediation of seven such critical flaws throughout the preceding year.