Apple has patched a critical security vulnerability in its Messages app, known as CVE-2025-43200, which was actively exploited to attack civil society members. Disclosed on February 10, 2025, the flaw allowed maliciously crafted media shared via iCloud Links to compromise devices without any user interaction. Researchers recognized that Italian journalist Ciro Pellegrino and another European journalist were specifically targeted with Paragon's Graphite spyware, indicating sophisticated zero-click attack methods. Apple has since notified the affected individuals about the spyware infection, emphasizing the severity and dangers posed by such vulnerabilities.
A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link, and was addressed with improved checks.
We believe that this infection would not have been visible to the target.
Collection
[
|
...
]