Not going...
... to use this issue to attack Apple.
Not going to use this issue to defend others.
Any OS - and pretty much any complex software (for a given value of 'complex') - can be attacked. That doesn't mean it's badly coded, though it might. It doesn't mean it has deliberately planted back-doors - though it might.
It simply means what it says. All software can be attacked. All.
Which instances we use, how we use them, what we do to minimise risk - these are choices. But risk, risk awareness and risk acceptance aren't. Ever.