Five privilege escalation exploit chains actively used to compromise iOS devices by unknown attackers have been discovered in the wild by Google’s Threat Analysis Group and Project Zero teams earlier this year. The threat actors used compromised websites to run watering hole attacks targeting users of iPhone devices running almost all versions between iOS 10 and iOS 12, sites that were visited thousands of times each week. In total, the Google security researchers found 14 iOS vulnerabilities being exploited as part of the five unique exploit chains, five impacting the kernel, seven the iPhone web browser, and two sandbox escapes.
Source: https://www.bleepingcomputer.com/news/security/google-warns-iphone-users-of-data-stealing-malware-attacks/