Apple users are being urged to update their products immediately to protect against a powerful new spyware that infiltrated devices without any clicks.
The tech company released updates to patch two zero-day exploit chains on Thursday.
It comes after an employee of the Washington DC-based civil society organization Citizen Lab found the zero-click vulnerability delivering Pegasus mercenary spyware, according to John Scott-Railton, a researcher for the group.
‘Last week we @citizenlab discovered a new #Pegasus zero-click exploit chain (No clicking required to infect latest iOS!)’ he wrote on X (formerly Twitter) on Thursday afternoon.
🚨 Update your @apple products immediately!
Last week we @citizenlab discovered a new #Pegasus zero-click exploit chain.
(No clicking required to infect latest iOS!)
Found while checking civil society.
Disclosed to Apple which rushed a patch 1/ https://t.co/NN6LWCbwAj pic.twitter.com/zN3cotBCMk
— John Scott-Railton (@jsrailton) September 7, 2023
He urged users to ‘update your @apple products immediately!’
Citizen Lab, which investigates government malware, explained in a blog post that victims can be targeted by malware without clicking or tapping or opening any attachments.
‘The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,’ wrote the internet watchdog group.
Upon discovering the zero-click vulnerability, Citizen Lab informed Apple, which thanked the group for reporting it. Citizen Lab helped in the probe.
Source: https://metro.co.uk/2023/09/07/apple-zero-day-bug-spyware-update-19466522/