Viruses are very rare on all platforms, and malware is rare on iPhone. This is due in part to the app review process and the app store, the built-in iOS and iPadOS security, and the built-in anti-malware, as well as the telemetry, and the ability to remotely remove problematic apps.
Based on all available evidence and reporting, malware and exploits have been very rare, and very targeted. Full-remote no-click exploits with persistence for iOS or iPadOS were worth well more than two million dollars each, when last I checked. Those with such tooling are disinclined to use that tooling widely—very different from the widespread problems with Windows and viruses and worms from twenty or more years ago—as they don’t want their exploits patched. Which means the use of these tools has been targeted.
Now as for whether you are the target for any of the massively-expensive espionage-level tooling involved here? That’s for you to decide.
Security is a cost, too. Heaping on more security — unnecessarily — can or will introduce costs, and problems.
Materials containing words including "virus" and "hacker" are best assumed to be advertising, marketing, or entertainment, until proven otherwise. Those and similar words have been exceedingly effective at convincing some folks to load and use junk app and privacy-bypassing apps and data-harvesting services, too.
In recent years, folks can too often directly load what can look and work like malware, thinking it is protecting them from "viruses" or "hackers". One of the better known macOS anti-malware packages was caught selling personally-identified browsing data and web purchasing data for instance (and subsequently fined). Some of the common add-on "security" services badly solve a problem that hasn’t existed for a decade orvso, while perfectly positioned to collect personally-identified metadata, too.
Now is any of this helpful to you? Probably not. Palliatives seldom are.
What to do? Learn about and consider your particular threats. Maybe that means Safety Check, Lockdown Mode, unique and robust passwords, reviewing and resolving the Apple-generated security recommendations, enabling encrypted backups, enabling advanced data protection, and being aware for phishing and spear-phishing and the other sorts of security problems that are far more prevalent (and by all appearances, more effective) than has been iOS or iPadOS malware. Consider implementing security keys and passkeys, too.
One downside of upgrading your security and (for instance) taking over full control of Apple ID password resets: if incautious, you can get yourself completely and permanently locked out of your Apple ID should you misplace your security keys, etc.
Fear and paranoia are very profitable for some vendors, whether directly financially, or in terms of data and data harvesting and privacy.