Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR).
The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that at least one of the devices linked to their iCloud accounts may have been compromised as part of highly-targeted attacks.
The agency did not share further details on what triggered these alerts. Previous threat notifications were sent on March 5, April 29, and June 25. Apple has been sending these notices since November 2021.
“These complex attacks target individuals for their status or function: journalists, lawyers, activists, politicians, senior officials, members of steering committees of strategic sectors, etc,” CERT-FR said.
The development comes less than a month after it emerged that a security flaw in WhatsApp (CVE-2025-55177, CVSS score: 5.4) was chained with an Apple iOS bug (CVE-2025-43300, CVSS score: 8.8) as part of zero-click attacks.
WhatsApp subsequently told The Hacker News that it had sent in-app threat notifications to less than 200 users who may have been targeted as part of the campaign. It’s not known who, and which commercial spyware vendor, is behind the activity.
The disclosure comes as Apple has introduced a security feature in the latest iPhone models called Memory Integrity Enforcement (MIE) to combat memory corruption vulnerabilities and make it harder for surveillance vendors, who typically rely on such zero-days for planting spyware on a target’s phone.
In a report published this week, the Atlantic Council said the number of United States investors in spyware and surveillance technologies jumped from 11 in 2023 to 31 last year, surpassing other major investing countries such as Israel, Italy, and the United Kingdom.
Altogether, the study has flagged two holding companies, 55 individuals, 34 investors, eighteen partners, seven subsidiaries, 10 suppliers, and four vendors that established themselves in the last year in the spyware marketplace. This includes new spyware entities in Japan, Malaysia, and Panama, as well as vendors like Israel’s Bindecy and Italy’s SIO.
“The quantity of U.S.-based entities investing in the spyware market is three times greater than in the next three highest countries with the most investors,” the report said, adding “56% of investors are incorporated in Israel, the United States, Italy, and the United Kingdom.”
“Tesellers and brokers now are key actors in the spyware market – comprising more sample market share than previously demonstrated – and oftentimes are under-observed and not readily addressed in current policy deliberations.”
