Apple squashes zero-click bug used for spyware attacks
Briefly

Apple has recently updated the documentation for iOS/iPadOS 18.3.1 to confirm that the release fixed a zero-click vulnerability linked to the Graphite spyware that infected several journalists. The vulnerability, tracked as CVE-2025-43200, allowed hackers to control devices via maliciously crafted media shared through iCloud Links. Investigations by the Citizen Lab revealed that the attacks, confirmed with high confidence to be the work of a single group, targeted journalists between January and February while they were using iOS 18.2.1. Apple acknowledged this sophisticated exploit affecting select individuals and has since improved its vulnerability checks.
Apple has confirmed that its iOS/iPadOS 18.3.1 update addressed a zero-click vulnerability exploited by Paragon's Graphite spyware against specific journalists.
The latest documentation reveals that a logic issue allowed maliciously crafted media received via iCloud Link to compromise the security of targeted individuals.
Read at The Register