Apple has released out of band patches for iPhones, iPads, and Macs running iOS 14 and Big Sur respectively. Both address CVE-2021-30807, a security bug being actively exploited in the wild that allows hackers to run their own code without your own intervention at the highest privileges and is actively being exploited in the wild. This appears to be one of the bugs revealed in the Pegasus spyware revelations, so it is critical that you update this immediately.
Also, if you’re a user of an iPhone with TouchID using an Apple Watch, and TouchID wouldn’t unlock your Watch, this issue will fix it.
Update: July 30, 2021: WatchOS 7.6.1 has been released patching the same vulnerability as well, so make sure you get that.