### Apple Fixes Zero-Day Vulnerability Used by Paragon Spyware
Apple has announced the remediation of a zero-day flaw that was leveraged to deploy mercenary spyware on the iPhones of reporters. This security issue was resolved in the iOS 18.3.1 update released earlier this year, according to TechCrunch.
#### Vulnerability Details
The security notice updated by Apple indicates that the flaw was exploited by the Israeli surveillance company Paragon to access the devices of at least two journalists in Europe. Citizen Lab, an organization focused on digital threats, stated that while Apple first acknowledged a different flaw regarding iPhone security locks in February, it subsequently revised its notice to include a second, previously unreported vulnerability. This recent issue relates to how iOS handled photos and videos shared through iCloud Links.
Apple noted that this vulnerability “might have been exploited in an extremely advanced attack targeting specific individuals.”
#### Individuals Targeted
The Citizen Lab investigation revealed that Italian journalist Ciro Pellegrino and another unnamed notable European journalist were the targets of the exploit. Both received vague notifications from Apple concerning potential spyware threats, lacking specific information about the assailants or the tactics employed.
Paragon was first highlighted in January when WhatsApp alerted approximately 90 users, including journalists and human rights activists, that they were targeted by Paragon’s Graphite spyware. This was followed by another warning from Apple in April, notifying iPhone users across 100 nations about possible spyware threats, though it did not specifically mention Paragon.
Apple clarified that the choice to keep the spyware’s name undisclosed was deliberate to stop attackers from altering their strategies based on the information available.
#### Confirmation of Paragon’s Role
Today’s report from Citizen Lab has verified for the first time that Paragon was behind at least two of the attacks on iPhone users who received notifications from Apple. This finding emphasizes the persistent dangers presented by mercenary spyware and the necessity of prompt security updates to safeguard vulnerable individuals, especially in journalism and human rights work.
As the digital environment continues to change, the demand for strong security protocols and transparency from technology firms remains vital in protecting users from sophisticated cyber threats.
