A security researcher at ZecOps discovered a vulnerability in the iOS Mail app that he said has been exploited since 2018. Apple confirmed the exploit to Reuters and said a patch to fix the problem would be released soon.
iPhone's built-in mail app vulnerable to hackers
The details: According to the researcher, the attack starts with an email that’s crafted to overwhelm the Mail app. Once the email is received (iOS 13) or clicked on (iOS 12), a remote hacker can gain access to your device. The attack also doesn’t require a large email, the researcher said.
Since when? The vulnerability has reportedly existed since iOS 6 and the iPhone 5, although the researcher only cites 2018 as the first examples found “in the wild.”
Who's affected: Anyone who owns an iPhone or iPad is a potential target at this point. However, it's unlikely that hackers will want to take control of your iPhone. The researcher claims that individuals from an unnamed Fortune 500 company in North America, a Japanese carrier executive, a VIP in Germany, and a journalist in Europe have been hacked using this method.