
> iOS has had many flaws this bad or worse

Has iOS had a Lock Screen bypass in recent history?



There have been MANY such attacks against the iPhone (and every other device), most of them against the biometrics mechanisms, which tend to be pretty weak as a matter of first principles. Add to that the persistent hints/rumors/claims of gray market unlock/rooting kits available to large entities. Phones just aren't that secure, though they're much more so than they were a decade ago. Security vs. physical access is an extremely hard nut to crack; it's only been in the last few years that we genuinely thought it was even possible.


Okay, but fooling a biometrics sensor is not exactly a Lock Screen bypass. Has iOS had a Lock Screen bypass?


Fooling a biometric sensor is precisely a lock screen bypass; that's what the biometrics are for. By that logic the linked bug was "fooling the SIM security layer" and not a "lock screen bypass". Don't play that game; it's bad logic and bad security practice.


But it’s a fundamentally different type of security bug: these biometrics bypasses require knowing something about the user (lift a fingerprint, picture of a face, etc).

I see this as a different class: I can grab an unknown person’s Pixel they left in a coffee shop and get into it.


Cellebrite sits on a pile of unlock exploits for Apple devices and sells unlocking services to law enforcement, or presumably anyone with money.

https://cellebrite.com/en/cas-sales-inquiry/

Zerodium brokers sales of iOS FCP Zero Click for $2m. I expect they sell to people like Cellebrite who can make a profit selling expensive unlocks and keeping the vuln secret.

https://www.zerodium.com/program.html

All phones are security shit shows. It is just a game of how well known this month's exploits are and how much someone has to gain by targeting you.


It has had multiple remote, zero click remote code execution exploits so it's actually worse?



