Apple just released iOS 14.4 and iPadOS 14.4, and the update notes contain some worrying language (via TechCrunch). Under kernel updates, Apple notes that “a malicious application may be able to elevate privileges,” and under WebKit updates, it says “a remote attacker may be able to cause arbitrary code execution.” After both statements, the update notes say, “Apple is aware of a report that this issue may have been actively exploited.”
What this means, broadly, is that you should update your iOS devices as soon as possible. To put the language into plain terms: Apple found a security hole in its operating systems, and it also has evidence that someone may have exploited it. The update notes don’t have any further details, so for now, we don’t know who may have used the security breach or what they may have been using it for.