Tech giant warns users in 98 countries of 'mercenary spyware' attacks, reigniting tensions with governments over the targeting of journalists and political dissidents.
Table of contents [Show]
Apple has issued a fresh round of threat notifications to iPhone users across 98 countries, alerting them to the presence of sophisticated "mercenary spyware" targeting their devices. This latest wave of warnings marks a significant escalation in the ongoing digital battle between privacy-focused technology companies and state-level surveillance actors. According to reports from TechCrunch and Moonlock, the notifications warn victims that they are being individually targeted because of "who they are or what they do," a chilling reminder of the personalized nature of modern digital espionage.
The alert explicitly states that these attacks are vastly more complex and expensive than standard cybercriminal activity. Unlike common malware designed to steal credit card numbers, mercenary spyware-often linked to NSO Group's Pegasus-costs millions of dollars to deploy and is used to covertly monitor the communications, location, and private data of a select few. The scope of this latest warning, covering nearly 100 nations, suggests that the market for commercial surveillance tools is thriving despite repeated attempts by international bodies to curtail their use.
The current situation is not an isolated incident but part of a disturbing, accelerating trend. In April 2024, Apple sent similar notifications to users in 92 countries. Prior to that, in October 2023, a significant flashpoint occurred when numerous Indian opposition leaders and journalists received alerts warning that "state-sponsored attackers" were targeting their iPhones.
"Apple notifications highlight the unabated threat of unlawful targeted surveillance... confirming that the abuse of highly invasive spyware by state-actors around the world continues unabated, targeting human rights defenders, journalists, and politicians." - Amnesty International Security Lab
In India, the situation has been particularly contentious. Following the October 2023 alerts, Amnesty International conducted forensic analysis on the phones of prominent journalists, including those from The Wire and the Organized Crime and Corruption Reporting Project (OCCRP). Their findings confirmed the presence of Pegasus spyware, lending credibility to Apple's automated warnings. According to The Hindu, the recipients of these alerts included Members of Parliament such as Shashi Tharoor and Mahua Moitra, raising serious questions about the integrity of democratic processes.
The phrasing of these notifications has become a diplomatic friction point. Initially, Apple utilized the term "state-sponsored attackers." However, following intense pressure from the Indian government, which reportedly criticized the company's notification system, Apple shifted its language to "mercenary spyware attacks." Reports from the Washington Post and TechCrunch indicate that officials under Prime Minister Narendra Modi's administration promptly took action to question Apple's findings after the 2023 alerts, demanding the company provide specific algorithmic details regarding how the threats were detected.
Despite the change in terminology, the implications remain unchanged. As noted by The Times of India, these attacks are distinct from varying cyber threats because they are often funded by state actors to target specific individuals. The rebranding to "mercenary" acknowledges the commercial nature of the spyware industry-where companies sell these tools to governments-without directly accusing a specific state government in the notification itself.
Recent reports from Storyboard18 highlight that the Indian Centre is once again seeking answers from Apple following the newest wave of alerts. The government's stance has historically been one of denial regarding unlawful surveillance, while simultaneously emphasizing national security concerns. This creates a complex environment for tech companies, which must balance user safety with their operational viability in major markets.
The normalization of mercenary spyware poses a severe threat to civil society. Citizen Lab and Moonlock have documented the use of these tools against human rights defenders in Mexico, Thailand, Jordan, El Salvador, and beyond. When journalists and activists cannot communicate securely, the free press and political opposition are effectively neutralized.
For the average user, this highlights the extreme vulnerabilities present in mobile ecosystems. While these attacks are highly targeted, the vulnerabilities they exploit (often "zero-click" exploits that require no user interaction) exist in the software used by billions. Apple's introduction of "Lockdown Mode" is a direct response to this threat, offering an extreme level of security that reduces the attack surface, albeit at the cost of some device functionality.
As we move forward, the conflict between secure technology and state surveillance is poised to intensify. Experts suggest that while Apple and other tech giants will continue to patch vulnerabilities, the "mercenary" spyware industry is agile and well-funded. The onus is shifting toward international regulation and strict export controls on surveillance technology.
For now, users receiving these notifications are urged to take them with the utmost seriousness. Amnesty International advises immediate forensic analysis and contact with digital rights organizations. In a world where our devices are the primary repositories of our private lives, the warning bell from Cupertino is a sound we cannot afford to ignore.
Federal regulators have launched a sweeping investigation into nearly 3 million Tesla vehicles, citing concerns over traffic violations and performance in low visibility, marking a critical turning point for autonomous driving oversight.
As 2025 draws to a close, Seattle solidifies its rank as a global AI superpower. However, the region's tech sector is undergoing a massive reboot, trading speculative hype for 'boring' back-end efficiency and agentic workflows.
At CES 2026, the tech industry pivots from cloud dependence to on-device intelligence. New chips from Qualcomm, Intel, and AMD promise a revolution in privacy and performance.
