Apple Warns Of Global Spyware Attacks, Notifies Targets In 100 Countries

Despite growing international scrutiny, the market for government-linked spyware continues to thrive.

Apple has warned individuals worldwide that their devices may have been targeted in a spyware attack.

Apple has issued threat notifications to users in 100 countries, warning that hackers may have targeted their devices with sophisticated commercial spyware.

Apple sent out alerts last week to individuals it believes were targeted with what it calls "mercenary spyware" – surveillance software typically developed by private companies and sold to governments.

The notifications are part of Apple's ongoing effort to inform users who may be at risk due to their personal or professional profiles.

So far, only two recipients of the alert have come forward publicly according to TechCrunch, which first covered the story.

One is Ciro Pellegrino, an Italian journalist with the online publication Fanpage.

In an article published last week, Pellegrino confirmed receiving both an email and a text message from Apple stating he had been targeted. The alert said he was not alone in being affected.

"Today's notification is being sent to affected users in 100 countries," the message read, according to Pellegrino.

"Did this really happen? Yes, it is not a joke," he wrote in his piece.

This isn't the first time Fanpage has been targeted. In February the site’s editor, Francesco Cancellato, received a similar warning from WhatsApp.

WhatsApp claimed to have disrupted an attack involving spyware developed by Israeli firm Paragon Solutions. The digital rights watchdog Citizen Lab, which has long investigated the proliferation of commercial spyware, confirmed it was analyzing that incident.

Following Cancellato's revelation, two additional Italians affiliated with Mediterranea Saving Humans, an NGO focused on rescuing migrants in the Mediterranean Sea, disclosed they too were targeted with the same spyware.

These revelations reportedly led Paragon Solutions to sever ties with its Italian government client.

The second person to come forward is Eva Vlaardingerbroek, a right-wing political activist from the Netherlands.

In a post on X (formerly Twitter), she shared a video displaying a screenshot of the Apple alert.

"Apple detected a targeted mercenary spyware attack against your iPhone," the message read.

"This attack is likely targeting you specifically because of who you are or what you do… Apple has high confidence in this warning – please take it seriously."

In her video, Vlaardingerbroek described the alert as "an attempt to intimidate me, an attempt to silence me, obviously."

Apple has not provided further public details about the specific spyware campaign or the company responsible for the tools used in the attacks.

The lack of technical attribution means it remains unclear whether this incident is linked to any previously known spyware vendors, such as NSO Group or Paragon Solutions.

Apple, like other tech vendors, makes a point of warning users about spyware attacks. The company has collaborated with security researchers and nonprofits to help victims secure their devices and trace the origins of such intrusions.

In April last year, Apple warned users in India and 91 other countries that they may be victims of a "mercenary spyware attack."

Despite growing international scrutiny, the market for government-linked spyware continues to thrive.

Experts say the expanding reach of such tools, capable of infiltrating even the most secure smartphones, poses a significant threat to journalists, activists, political dissidents and others who find themselves on the frontlines of global civil society.

The notifications this week are the first large-scale alert of their kind from the company in 2025.

This article originally appeared on our sister site Computing.