According to the French Computer Emergency Response Team (CERT-FR), Apple has notified French users of spyware campaigns targeting devices.
The agency said an alert was sent on September 3, 2025, when Apple notified county citizens that at least one of the devices linked to their iCloud accounts may have been compromised as part of a highly targeted attack.
The agency did not share any details about what caused these alerts. Previous threat notifications were sent on March 5th, April 29th and June 25th. Apple has been sending these notifications since November 2021.
“These complex attacks target individuals about their position or functioning: journalists, lawyers, activists, politicians, senior officials, members of the steering committee of the strategic sector, and others,” CERT-FR said.
The development has been less than a month after it was revealed that security flaws in WhatsApp (CVE-2025-55177, CVSS score: 5.4) were chained as part of a zero-click attack in an Apple iOS bug (CVE-2025-43300, CVSS score: 8.8).
WhatsApp then informed Hacker News that it had sent in-app threat notifications to less than 200 users who could have been targeted as part of the campaign. I don’t know who and which commercial spyware vendors are behind the activity.
This disclosure is because Apple introduced security features in the latest iPhone model called Memory Integrity Enforcement (MIE) to combat memory corruption vulnerabilities and make it difficult for surveillance vendors who usually rely on zero-days to plant spyware on targeted phones.
In a report released this week, the Atlantic Council said the number of US investors in spyware and surveillance technology jumped from 11 in 2023 last year to 31, surpassing other major investor countries such as Israel, Italy and the UK.
Overall, the study flags two holding companies, 55 individuals, 34 investors, 18 partners, seven subsidiaries, 10 suppliers and four vendors who founded themselves last year with a spyware marketplace. This includes new spyware entities in Japan, Malaysia and Panama, as well as vendors such as Bindecy in Israel and SIO in Italy.
“The amount of US-based entities investing in the spyware market is three times greater than the three best countries with the highest investors,” the report said, adding that “56% of investors are founded in Israel, the US, Italy and the UK.”
“Tessellors and brokers are currently the leading actors of the spyware market, including more sample market share than previously demonstrated – often not baffled and not easily addressed in current policy deliberations.”
