Apple today released yet another update to iOS 9.3. Like 9.3.4 - which was only released a few weeks ago - 9.3.5 promises important security fixes.
According to The New York Times, a company called NSO Group - which is "an Israeli outfit that sells software that invisibly tracks a target's mobile phone" - has been exploiting three separate security vulnerabilities in iOS. According to the report, the company uses it to spy on journalists (yikes) and dissidents.
Indeed, Apple's own release notes state that there are three vulnerabilities that iOS 9.3.5 should fix, two of which are listed as the kernel and one being with WebKit. It's unknown whether or not these vulnerabilities also exist in the iOS 10 beta, as there hasn't been an update to that since last week.
You can grab iOS 9.3.5 the same way that you would get any iOS software update, which is to head over to Settings -> General -> Software Update. It's available for all devices that supported iOS 9, and it's recommended that all users upgrade.