Re: The notion that iOS devices are immune to malicious code
I may be wrong, but I only recall one Safari vulnerability that allowed a jailbreak / installing malicious code simple by clicking a browser link (JailbreakMe). This was around 2011 I believe.
All other non-computer jailbreaks or web based malware attacks I've seen since have involved downloading and installing an enterprise certificate and then installing an app from a third party. This is a 6-8 step process with lots of popups and warnings about installing non-App Store apps and trusting enterprise certificates. Not the sort of thing you can accidentally do (social engineering aside).
There's a pretty good list here (https://www.theiphonewiki.com/wiki/Malware_for_iOS) and it seems 99% of the 'in the wild' stuff are malicious 'tweaks' from the Cydia store, only applicable to Jailbroken devices or installed via enterprise certificates. Certainly not 'numerous Safari browser based vulnerabilities'.