Stop procrastinating and install iOS 8.4.1. It has some seriously important security fixes.
The Ins0mnia threat is pretty serious because it can run on iOS devices without crafty hacks. Bad guys simply needed to code otherwise legit apps to trick iPhones and iPads into thinking they're in debugging mode. That disables the auto shutdown for running processes, and lets hackers collect data even if users close their app. Since the attack used Apple's own troubleshooting tools, it was possible for hackers to slip apps past the App Store vetting process and distribute them just like legit apps.
Security research company FireEye described the threat like this:
FireEye mobile researchers discovered a security vulnerability that allowed an iOS application to continue to run, for an unlimited amount of time, even if the application was terminated by the user and not visible in the task switcher. This flaw allowed any iOS application to bypass Apple background restrictions. We call this vulnerability Ins0mnia.
Once iOS 8.4.1 was released, however, that threat was shut down—assuming iPhone, iPad, and iPod touch owners actually installed it. Unfortunately, Apple chose to pass off the iOS 8.4.1 update as if it was little more than a collection of fixes for Apple Music, which didn't instill a sense of urgency.
TMO's John Martellaro summed it up nicely when he said, “The bottom line? Never ignore even what looks like a minor update that appears on the surface to only address, in this case, some Apple Music glitches.”
If you haven't installed the iOS 8.4.1 update yet, go to Settings > General > Software Update on your iPhone, iPad, or iPod touch and get started.