Apple warned clients final week that their units had been focused in a brand new collection of spy ware assaults, in keeping with the French nationwide Laptop Emergency Response Staff (CERT-FR).
CERT-FR is operated by ANSSI, the Nationwide Cybersecurity Company, and is chargeable for stopping and mitigating cybersecurity-related incidents impacting public and important organizations.
In accordance with a Thursday advisory, CERT-FR is conscious of at the very least 4 situations of Apple menace notifications alerting the corporate’s customers about mercenary spy ware assaults which have occurred because the starting of the yr.
These alerts had been despatched on March 5, April 29, June 25, and final week, on September 3, to the cellphone numbers and e mail addresses related to the customers’ Apple accounts. In accordance with Apple, these warnings are additionally displayed on the prime of the web page after the consumer indicators in to their account at account.apple.com.
“The notifications despatched report extremely refined assaults, most of which make use of zero-day vulnerabilities or require no consumer interplay in any respect,” the cybersecurity company mentioned.
“Receiving a notification signifies that at the very least one of many units linked to the iCloud account has been focused and is doubtlessly compromised.”
Whereas CERT-FR did not share extra info on what prompted these alerts, final month Apple launched emergency updates to patch a zero-day flaw (CVE-2025-43300) that was chained with a WhatsApp zero-click vulnerability (CVE-2025-55177) in what the corporate described as an “extraordinarily refined assault.”
In a menace notification despatched to doubtlessly impacted people on the time, WhatsApp urged them to reset their units to manufacturing unit settings and to maintain their units’ working methods and software program updated.
Apple additionally advises customers who had been focused by mercenary spy ware assaults to allow Lockdown Mode and request rapid-response emergency safety help by Entry Now’s Digital Safety Helpline.
“Since 2021, we now have despatched Apple menace notifications a number of instances a yr as we now have detected these assaults, and to this point we now have notified customers in over 150 international locations in complete,” Apple says. “Apple doesn’t attribute the assaults or ensuing menace notifications to any particular attackers or geographical areas.”
An Apple spokesperson was not instantly accessible for remark when contacted by BleepingComputer earlier at the moment.
46% of environments had passwords cracked, almost doubling from 25% final yr.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and knowledge exfiltration developments.