CERT-FR reported that Apple warned users late last week that their devices were being targeted by spyware attacks. Experts say they are aware of at least four cases of such notifications sent in 2025.
The alerts were sent on March 5, April 29, June 25, and September 3 to phone numbers and email addresses associated with Apple user accounts. The alerts also appear at the top of the page on account.apple.com after a user logs in to their account.
“These alerts report sophisticated attacks, most of which exploit zero-day vulnerabilities or require no user interaction,” writes CERT-FR.
“These sophisticated attacks target individuals based on their status or activities: journalists, lawyers, activists, politicians, high-ranking officials, members of management committees in strategic sectors, and so on. Receiving such an alert means that at least one device associated with an iCloud account has been targeted and potentially compromised.”
Experts did not provide further information on the causes of these alerts. However, it’s worth noting that last month, Apple developers released emergency patches to fix a zero-day vulnerability ( CVE-2025-43300 ) used in conjunction with a zero-click vulnerability in WhatsApp ( CVE-2025-55177 ) for “sophisticated attacks targeting specific users.”
In a notification sent to potential victims at the time, the developers recommended performing a full factory reset and then keeping the operating system and WhatsApp app up to date for optimal protection.
Additionally, Apple recommends users who have been targeted to Spyware attacks can enable block mode and request emergency security assistance through Access Now’s Digital Security Helpline.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
