Apple has warned customers that their devices were targeted in a new wave of mercenary spyware attacks, according to a security advisory published Thursday by CERT-FR, France’s national Computer Emergency Response Team.
CERT-FR, which operates under ANSSI (the National Cybersecurity Agency), said it has tracked at least four Apple threat notifications since the beginning of 2025. These alerts were sent to users on March 5, April 29, June 25, and September 3, warning that their devices may have been compromised. The notifications are delivered to the phone numbers and email addresses linked to Apple IDs and also appear at the top of the page after signing in at account.apple.com.
According to CERT-FR, the attacks are “highly sophisticated,” often using zero-day vulnerabilities or zero-click exploits that require no user interaction. The targets include journalists, lawyers, activists, politicians, senior officials, and executives in strategic industries, highlighting the severity and focus of the campaigns.
While CERT-FR did not disclose specific technical details, Apple recently patched a zero-day flaw (CVE-2025-43300) that was exploited in conjunction with a WhatsApp zero-click vulnerability (CVE-2025-55177) in what the company described as an “extremely sophisticated attack.” WhatsApp urged affected users at the time to reset devices to factory settings and keep software up to date.
Apple recommends that anyone receiving a spyware alert should enable Lockdown Mode and seek rapid-response assistance through Access Now’s Digital Security Helpline. Since 2021, Apple has sent threat notifications multiple times each year, warning users in over 150 countries. The company does not attribute these attacks to any specific groups or regions.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
