Newly found zero-click iPhone exploit used in NSO spyware attacks (Security News, April 2022)

Digital threat researchers at Citizen Lab have discovered a new zero-click iMessage exploit, HOMAGE, used to install NSO Group spyware on iPhones belonging to Catalan politicians, journalists, and activists.
"Among Catalan targets, we did not see any instances of the HOMAGE exploit used against a device running a version of iOS greater than 13.1.3. It is possible that the exploit was fixed in iOS 13.2," Citizen Lab said.
The academic research lab has reported the exploit to Apple and provided the forensic artifacts needed to investigate it, and says there is no evidence that Apple customers using the latest versions of iOS are exposed to HOMAGE attacks.
As Reuters reported, NSO spyware was also used in attacks targeting senior European Commission officials last year, including the European Justice Commissioner.
Finland's Ministry for Foreign Affairs said in January that devices of Finnish diplomats had been infected with NSO Group's Pegasus spyware after US Department of State employees also found that their iPhones had been hacked to install the same spyware.
Pegasus, a spyware tool developed by Israeli surveillance firm NSO Group, is marketed as surveillance software licensed to governments worldwide for "Investigating crime and terror."