Apple has issued a fresh round of spyware alerts to users in France, a notification that represents the fourth time this year the company has warned citizens that their devices may have been compromised. The French Computer Emergency Response Team, known as CERT-FR, reported that these alerts were sent on September 3, 2025. Similar warnings were previously issued on March 5, April 29, and June 25, a pattern of notifications Apple has maintained since November 2021.
The targets of these highly-sophisticated attacks are not random; they are individuals singled out for their profession or social standing, such as journalists, lawyers, activists, politicians, and senior officials in strategic sectors. While CERT-FR did not disclose what specifically triggered this latest wave of alerts, the focus on high-profile targets aligns with the nature of these advanced threats. The secrecy surrounding these attacks highlights their complexity and the serious risk they pose to public figures and those in positions of influence.
This development follows the discovery of a security vulnerability in WhatsApp, which was reportedly chained with a related Apple iOS bug to carry out “zero-click” attacks. These attacks are particularly insidious because they do not require any action from the user to infect a device. WhatsApp confirmed that it had sent in-app notifications to fewer than 200 users who were potentially targeted. It remains unknown which specific commercial spyware vendor is responsible for this recent campaign.
In response to the growing threat from commercial surveillance tools, Apple has introduced a new security feature called Memory Integrity Enforcement (MIE) in its latest iPhone models. MIE is designed to combat memory corruption vulnerabilities, which are commonly exploited by surveillance vendors to plant spyware on a target’s phone. This feature represents a proactive step by Apple to make its devices more resilient against the kind of zero-day exploits often used by the spyware industry.
Meanwhile, a report from the Atlantic Council has shed light on the expanding spyware market. The report found that the number of U.S. investors in spyware and surveillance technologies tripled in just one year, from 11 in 2023 to 31 in 2024. This places the U.S. ahead of other major investing countries like Israel, Italy, and the United Kingdom. The study also noted the rise of new spyware entities in countries such as Japan, Malaysia, and Panama, and emphasized the increasing role of resellers and brokers in the market, who often go unobserved and are not addressed in current policy discussions.
Reference:
