Apple occasionally issues spyware attack notifications, publicly disclosing on its website which countries or regions have received such warnings. However, some spyware campaigns may remain undisclosed by Apple for various reasons.
The French national computer emergency response team (CERT-FR) recently confirmed that Apple had sent a new round of spyware attack alerts to certain users in France. The identified targets include journalists, lawyers, activists, politicians, senior officials, and members of the country’s Strategic Sectors Committee.
According to CERT-FR, this marks the third spyware alert issued by Apple in 2025, following earlier warnings on March 5, April 29, and June 25. Such spyware attacks typically focus on carefully selected targets and employ highly sophisticated techniques.
For example, many campaigns leverage zero-day vulnerabilities, often requiring no user interaction at all. Receiving an Apple notification signifies that the user has already been marked as a target, and Apple only sends these warnings when it has detected concrete evidence of such activity.
Although CERT-FR has not released details from Apple’s latest alert, it is noteworthy that in August 2025 Apple issued emergency security updates to patch CVE-2025-43300 and CVE-2025-55177. The recent spyware warning may be linked to these vulnerabilities.
Apple advises all users who receive such notifications to enable Lockdown Mode, which applies additional layers of encryption to critical data. This feature is specifically designed to counter sophisticated spyware campaigns and significantly enhance overall device security.
