Yes, this is true, it’s really hard to hack iOS, but see, this is not always the case if the application installed on the iOS device is vulnerable to an attack (same case with what happened on WhatsApp). Here’s a brief explanation about the vulnerability to get a better idea of what I mean, but It has been patched since then and every day there are new vulnerabilities that get patched so quickly. Check this example.
Also, please note that if the iOS device is jailbroken, then the ssh service will be installed automatically which might make the device vulnerable to attack if the user didn’t change the default password which is ‘alpine’ by default, thus making it easier to gain access through a default configuration. Another thing to mention is that you need to understand how iOS works internally in order to exploit it. You can refer to the following source for more info:
You can also search on the Internet for recent vulnerability to see what you can find including https://exploit-db.com and other sources as well…