InfoSecBulletin Cybersecurity for mankind
This week, Apple notified several individuals it believes were targeted by government spyware, according to two of those individuals. As of Wednesday, only two people have reported receiving notifications from Apple this week.
Ciro Pellegrino, an Italian journalist for Fanpage, reported receiving an email and text from Apple on Tuesday informing him that he was targeted with spyware. He also noted that he wasn’t the only one affected.
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Action
Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps
Alert
40,000 + live internet cameras exposed globally !
Microsoft patch Tuesday fix exploited zero-day and 65 vuls patched
84,000+ Roundcube instances vulnerable to actively exploited flaw
CVE-2025-24016
Critical Wazuh RCE Actively Exploited by Mirai Botnets
CISA Issues Seven Advisories for Industrial Control Systems (ICS)
“Today’s notification is being sent to affected users in 100 countries,” the message read, according to Pellegrino’s article.
“Did this really happen? Yes, it is not a joke,” Pellegrino wrote.
The second person to receive an Apple notification is Eva Vlaardingerbroek, a Dutch right-wing activist who posted on X on Wednesday.
“Apple detected a targeted mercenary spyware attack against your iPhone,” the Apple alert said, according to a screenshot shown in a video that Vlaardingerbroek posted on X. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
Reacting to the notification, Vlaardingerbroek said that this was an “attempt to intimidate me, an attempt to silence me, obviously.”
It’s not yet clear what spyware campaign, if known, the Apple notifications relate to. Apple has notified users across dozens of countries on two occasions last year that they were targeted by unspecified spyware.
Apple did not immediately respond to a request for comment.
Pellegrino is the second Italian journalist this year to have been notified of being a target of this type of spyware, which is sometimes also referred to as “mercenary” spyware, given that it is often developed by companies who then sell the technology to governments.
In February, WhatsApp notified Pellegrino’s Fanpage colleague Francesco Cancellato that the company “interrupted the activities of a spyware company which we believe attacked your device.”
In Cancellato’s case, WhatsApp stated that the spyware was created by Paragon Solutions, an Israeli company. Citizen Lab, a digital rights organization with over a decade of experience in investigating spyware, is also looking into these attacks on WhatsApp users.
TechCrunch reported, after Cancellato spoke up, two more Italians from Mediterranea Saving Humans, an NGO that aids immigrants, also reported being targeted by Paragon.
Paragon reportedly cut ties with its Italian government customer following these revelations.
