Apple Fixes iPhone Zero-Day Spyware Targeting European Journalists

Apple has quietly fixed a zero-day iPhone vulnerability in iOS 18.3.1, released in February 2025, that was exploited by the Israeli surveillance firm Paragon to deploy its Graphite spyware against two European journalists, including Italian reporter Ciro Pellegrino. The flaw, a logic error in how iOS processed malicious photos or videos shared via iCloud Links, allowed attackers to silently compromise devices in highly sophisticated targeted attacks. Apple only recently updated its security advisory to disclose this patch, having initially mentioned only an unrelated vulnerability, and has not explained the four-month delay in public disclosure. Citizen Lab’s investigation highlighted the covert use of this exploit to hack journalists, confirming Paragon’s role in attacks against media professionals and human rights defenders. The spyware can access messages, location data, browser history, and even activate cameras and microphones without user knowledge. Apple has faced scrutiny for its secrecy, especially given its emphasis on user privacy, while the Paragon spyware controversy has drawn broader attention to mercenary spyware threats against journalists worldwide.