This “zero-click” exploit was found by Citizen Lab researchers at the University of Toronto on September 7. Apple was informed of the exploit right away and has since issued a patch to address the problem. While the exploit was likely being used for specific targets like activists and reporters, it’s recommended that everyone install the new patch if they’re able.
Jamie Street / Unsplash
Without the security update, hackers can infect a given Apple device (computer, phone, tablet, or even watch) just by sending an image. You wouldn't even have to open or otherwise interact with the image file for it to affect your device—simply receiving it is enough. If your device can use iMessage, it's at risk until you update.