Apple has issued urgent warnings to iPhone users in 100 countries, alerting them to potential mercenary spyware attacks aimed at compromising their devices. The notifications, sent on April 30, 2025, target individuals such as journalists, activists, and civil society members, who may be singled out due to their public roles or activities.
According to Apple, these sophisticated attacks involve “mercenary spyware,” which is far more complex than typical cybercriminal malware. “This attack is likely targeting you specifically because of who you are or what you do,” the notification reads, emphasizing Apple’s “high confidence” in the threat. While absolute certainty is impossible, the company urged recipients to take the warning seriously.
Must Read: Tesla Board Initiates Search for New CEO to Succeed Elon Musk
Among those who received the alerts were Ciro Pellegrino, an Italian journalist with Fanpage, and a Dutch right-wing activist, both of whom shared their notifications publicly. Digital rights group Citizen Lab is investigating related WhatsApp attacks, confirming that two Italians from the NGO Mediterranea Saving Humans were also targeted by Paragon spyware.
Apple advised users to enable Lockdown Mode, a feature designed to limit device functionality to reduce vulnerabilities, and to update their iPhones to iOS 18.4.1, which includes critical security patches. The company clarified that these notifications, sent via email, iMessage, and account.apple.com, will never request users to click links, install apps, or share personal information.
This is not the first instance of such warnings. Since 2021, Apple has notified users in over 150 countries of similar state-sponsored attacks, often linked to spyware like Pegasus from NSO Group, against which Apple filed a lawsuit in 2021. The latest alerts follow a pattern of targeting high-profile individuals, with previous notifications sent to users in 98 countries in July 2024.
Must Read: US Imposes New Sanctions on Iran Before Nuclear Talks
Security experts emphasize that these attacks are rare but highly targeted, costing millions and requiring significant resources. “Mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals,” Apple noted in its support documentation. Users who suspect they may be at risk but have not received a notification can also enable Lockdown Mode for added protection.
Apple has not disclosed the identities of the attackers or specific countries affected, citing the risk of helping perpetrators evade detection. The company continues to monitor and combat such threats, reinforcing its commitment to user privacy and security.
For more information or assistance, Apple directs users to contact Access Now, a nonprofit running a digital helpline for those targeted by government spyware. Affected users are encouraged to verify any communication claiming to be from Apple through official support channels.