Apple Issues Spyware Attack Warning to Targeted Users
▼ Summary
– Apple warned customers of new spyware attacks targeting their devices, as reported by France’s CERT-FR.
– The attacks, occurring at least four times since early this year, were highly sophisticated and often used zero-day vulnerabilities.
– Notifications were sent to users’ linked phone numbers and emails, indicating potential device compromise upon receipt.
– Targeted individuals included journalists, activists, politicians, and other high-profile or strategic roles.
– Apple advises affected users to enable Lockdown Mode and seek help from Access Now’s Digital Security Helpline.
Apple has issued a series of urgent warnings to users whose devices may have been targeted by highly sophisticated mercenary spyware attacks. These notifications, sent directly to affected individuals, highlight a growing trend of zero-interaction exploits aimed at high-profile targets across multiple sectors.
The French national Computer Emergency Response Team (CERT-FR) confirmed awareness of at least four separate instances of these Apple threat notifications since the start of the year. These alerts were distributed on March 5, April 29, June 25, and most recently on September 3. Recipients were contacted via the phone numbers and email addresses linked to their Apple ID accounts. The warnings also appear prominently at the top of the page when users sign into their account through Apple’s official website.
According to cybersecurity experts, these attacks are exceptionally advanced, often leveraging zero-day vulnerabilities and requiring no interaction from the victim. The targets are typically selected based on their profession or influence, individuals such as journalists, activists, politicians, lawyers, and high-ranking officials in strategic industries. Receiving one of these notifications indicates that at least one device connected to the user’s iCloud account was targeted and may have been compromised.
Although CERT-FR did not disclose specific triggers for the recent alerts, Apple recently addressed a critical zero-day flaw tracked as CVE-2025-43300. This vulnerability was chained with a separate WhatsApp zero-click exploit (CVE-2025-55177) in what the company described as an “extremely sophisticated attack.” In response, WhatsApp advised affected users to perform a factory reset on their devices and ensure all software remains updated.
Apple recommends that anyone who receives a threat notification enable Lockdown Mode on their Apple devices and seek immediate support through Access Now’s Digital Security Helpline. The company has been sending these warnings multiple times per year since 2021, with notifications reaching users in more than 150 countries. Apple emphasizes that it does not attribute these attacks to any specific threat actor or geographic region.
An Apple spokesperson was not available for additional comment at the time of reporting.
(Source: Bleeping Computer)
