We have a new development in the world of digital security. Plus, it is related to one of the main tech brands in the world. A recent discovery by Citizen Lab has shed light on a concerning vulnerability: an iPhone zero-day flaw that was quietly exploited to target journalists with mercenary spyware. Apple, known for its strong security posture, has since patched this critical vulnerability. However, the details offer a wake-up call about the sophisticated threats facing even the most secure devices.
Details about the iPhone zero-day vulnerability patched by Apple
The story began to unfold in April 2025. That month, Apple discreetly notified a select group of iOS users, including two prominent journalists, that their devices had been targeted by advanced spyware. Forensic analysis conducted by the Citizen Lab, a leading cybersecurity research group, confirmed these suspicions. Their investigation revealed that a notable European journalist and the Italian journalist Ciro Pellegrino were indeed targeted with Graphite spyware. The latter is a product of the Israeli surveillance firm Paragon.
This insidious spyware was deployed through a highly sophisticated iMessage zero-click attack. As the name suggests, a “zero-click” attack requires no interaction from the victim. In other words, simply receiving a malicious message can compromise the device. Apple acted to mitigate this threat in its iOS 18.3.1 update, assigning the vulnerability the identifier CVE-2025-43200. Interestingly, while Apple fixed the issue in February, official public acknowledgment of the flaw’s exploitation didn’t come until later. This is why we say it was a “quiet fix.”
Vulnerability related to iCloud links
Further analysis by Citizen Lab found a clear link, identifying an indicator that connected both targeted cases to the same Paragon operator. The vulnerability specifically exploited how iOS processed photos and videos sent via iCloud Links, making it a particularly stealthy vector for attack. Francesco Cancellato, a colleague of Mr. Pellegrino, had also been notified in January 2025 about being targeted with Paragon’s Graphite spyware. This suggested a broader pattern of sophisticated attacks against media professionals.
The incident underscores the continuous cat-and-mouse game between device manufacturers and those developing surveillance tools. This time, Apple has addressed this specific flaw. However, the persistence of mercenary spyware and the creativity of its developers mean that vigilance remains paramount for all users. This is especially true for those in high-risk professions like journalism.
The post Apple Quietly Patched iPhone Zero-Day Flaw Targeting Journalists appeared first on Android Headlines.
