BOSTON (AP) — Apple released an emergency security software patch to fix a vulnerability.
An internet watchdog group says the flaw allowed spyware from the world’s most infamous hacker-for-hire firm, NSO Group, to infect the iPhone of a Saudi activist without any user interaction.
The researchers from the University of Toronto’s Citizen Lab said it was the first time a so-called “zero-click” exploit had been caught and analyzed.
They stated that they found the malicious code on September 7th and were confident NSO Group was behind it.
NSO Group didn’t immediately respond to an email asking for comment.
A spokesperson for Apple confirmed the legitimacy of the threat to The New York Times and said it planned to add “spyware barriers” to iOS 15 this year.
Apple customers are encouraged to immediately install the security update.