Targeted cyberattacks: iPhones under threat from spyware
2 May 13:21
Apple has sent out notifications to iPhone users about a possible targeted attack using spyware. This time, at least two people received the alert – Italian journalist Ciro Pellegrino and Dutch right-wing commentator Eva Vlaardingebroek, "Komersant Ukrainian" reports, citing social media and foreign media.
Both published information about this on May 1: Pellegrino in an article and Vlaardingebroek in a video.
According to Apple, their devices were the target of a hired spy attack.
The letter that Pellegrino received claims that the company sent similar notifications to users in 100 countries, and that the potential danger affected up to 150 countries.
This is not the first such wave of warnings: Apple started notifying potentially attacked users back in 2024. According to the wording of the notifications, the attacks are aimed at specific people because of their activities or publicity. Apple emphasizes that it is impossible to fully confirm the attack, but the company is “confident” in its findings and advises to take the warning seriously.
According to TechCrunch, earlier this year, Pellegrino’s colleague from Fanpage was warned by WhatsApp. At that time, the attack was linked to the Israeli spyware developer Paragon Solutions.
In addition, in April, there were reports of another targeted attack via WhatsApp and Signal, aimed at human rights activists and supporters of Ukraine.
It is not yet known who is behind the latest attacks.
It is worth noting that this is not the first time Apple has faced a series of sophisticated cyberattacks targeting its devices and services.
AirPlay vulnerability “AirBorne
A critical vulnerability called AirBorne has been discovered in Apple’s AirPlay protocol that could potentially affect billions of devices. This vulnerability allows attackers on the same Wi-Fi network to hijack devices, deploy malware, and access personal data. Although Apple has released patches for its devices, many third-party products that use AirPlay remain unpatched, creating ongoing risks.
Operation Triangulation
Operation Triangulation, exposed in 2023, was a sustained cyberespionage campaign targeting iOS devices. The attack exploited a chain of zero-day vulnerabilities to deploy spyware capable of mining messages, passwords, and tracking geolocation. The operation went undetected for years due to its sophisticated methods.
Zero-day vulnerabilities in CoreAudio and RPAC
In April 2025, Apple patched two zero-day vulnerabilities in its CoreAudio and RPAC components that were actively used in targeted attacks. These vulnerabilities affected several Apple operating systems, including iOS, macOS, and visionOS. The company has released emergency security updates to address these threats.
Phishing campaigns using Apple ID
Security firms have warned of phishing campaigns targeting Apple ID users. Attackers are sending misleading messages that encourage users to visit malicious websites, risking compromising their Apple IDs and related data. Users are advised to be wary of unsolicited messages and to verify the authenticity of messages that claim to come from Apple.
Protective measures for users
To protect against these threats, Apple recommends:
- Regularly update your devices to the latest software versions.
- Enable lock mode for enhanced protection against sophisticated attacks.
- Be vigilant for unwanted messages and do not click on suspicious links.
- Use reliable networks, especially when accessing confidential information.
For more information about Apple security updates and threat alerts, users can visit the official Apple support page .
Читайте нас у Telegram: головні новини коротко
