According to TechCrunch, a company that studies government malware called Citizen Lab has discovered a zero-click iOS vulnerability that enables attackers to target users with the Pegasus spyware from the NSO company. In a blog post, Citizen Lab stated that “the exploit chain could compromise iPhones running the latest version of iOS (16.6) with no interaction from the victim.”
Citizen Lab quickly notified Apple of this vulnerability after discovering it, and iOS 16.6.1 contained a patch to fix the problem. Apple credited the citizen’s lab with bringing the issue to their attention.
The most recent discovery, according to Citizen Lab, “shows once again highly sophisticated exploits and mercenary spyware target that civil society.”
Pegasus was created with governments and law enforcement organizations in mind for those who are unfamiliar. Regular users cannot purchase spyware from the NSO Group. However, most of the nations that bought Pegasus are notorious for their violations of human rights, which puts journalists and political opponents in danger.