<ul data-eligibleForWebStory="true"><li>Apple confirmed that a security flaw in its Messages app, CVE-2025-43200, was actively exploited in the wild targeting journalists with Paragon’s Graphite spyware.</li><li>The vulnerability was addressed on February 10, 2025, with the release of multiple updates including iOS 18.3.1 and macOS versions.</li><li>The flaw allowed a logic issue when processing a maliciously crafted photo or video shared via an iCloud Link.</li><li>Citizen Lab confirmed Graphite spyware was used to hack fully updated iPhones, targeting journalists in Europe.</li><li>Forensic evidence showed communication with the same spyware server. Apple alerted victims and patched the zero-click exploit.</li><li>Paragon accused the Italian government of refusing help to investigate spyware use against a journalist, leading to ending contracts in Italy.</li></ul>

Apple confirmed that Messages app flaw was actively exploited in the wild

Discover more