A newly disclosed exploit targeting the “MobileGestalt” subsystem in iOS 26.0.1 unlocks unauthorized writes to protected directories on mobile devices, bypassing sandbox boundaries and undermining device integrity. With attackers gaining access to system caches and user-data partitions via manipulated databases, the line between device and infrastructure has blurred, turning mobile endpoints into active threat vectors. As organizations increasingly use smartphones and tablets for critical access, monitoring for anomalous system behavior, enforcing strict OS patching, and securing mobile app hygiene are no longer optional but essential.
Read the full analysis here.