{"id":42846,"date":"2021-09-14T15:28:52","date_gmt":"2021-09-14T15:28:52","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32632\/Apple-Patches-Zero-Click-iMessage-Hack-Used-By-NSO.html"},"modified":"2021-09-14T15:28:52","modified_gmt":"2021-09-14T15:28:52","slug":"apple-patches-zero-click-imessage-hack-used-by-nso","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/","title":{"rendered":"Apple Patches Zero-Click iMessage Hack Used By NSO"},"content":{"rendered":"<div readability=\"32\">\n<div><picture class=\"responsive-image lazyloader--lazy lazyloader--lowres\"><source media=\"(min-width: 1000px)\" srcset=\"https:\/\/video-images.vice.com\/articles\/613f9b489b134b0095297eba\/lede\/1631559301385-imessage.jpeg?crop=1xw:0.8429xh;0xw,0.0978xh&amp;resize=20:*\"><source media=\"(min-width: 700px)\" srcset=\"https:\/\/video-images.vice.com\/articles\/613f9b489b134b0095297eba\/lede\/1631559301385-imessage.jpeg?crop=1xw:0.8429xh;0xw,0.0978xh&amp;resize=20:*\"><source media=\"(min-width: 0px)\" srcset=\"https:\/\/video-images.vice.com\/articles\/613f9b489b134b0095297eba\/lede\/1631559301385-imessage.jpeg?crop=1xw:0.8429xh;0xw,0.0978xh&amp;resize=20:*\"><img class=\"responsive-image__img\" alt=\"imessage\"><\/picture><\/div>\n<p>Image:&nbsp;Jakub Porzycki\/NurPhoto via Getty Images<\/p>\n<\/div>\n<div data-component=\"BodyComponentRenderer\" readability=\"94.789956542733\"><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"28\"><\/p>\n<p>Apple has released an urgent patch to fix a major vulnerability in iMessage that was being used to target iPhone users.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"26.664335664336\"><\/p>\n<p>Security researchers found the vulnerability when they were investigating the potential hack of a Saudi activist\u2019s iPhone, <a href=\"https:\/\/citizenlab.ca\/2021\/09\/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild\/\" target=\"_blank\" rel=\"noopener\">according to a new report by Citizen Lab<\/a>, a digital rights group housed at the University of Toronto&#8217;s Munk School that has investigated NSO spyware for years.&nbsp;<\/p>\n<p><\/span><span><\/p>\n<div class=\"adph adph--border\">\n<p>Advertisement<\/p>\n<\/div>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"32.48031496063\"><\/p>\n<p>The researchers told Motherboard that they believe the attack was carried out by a customer of NSO, the infamous Israeli company that sells spyware to dozens of governments all over the world. The hack relied on an unknown vulnerability\u2014also known as a <a href=\"https:\/\/www.vice.com\/en\/article\/mg79v4\/hacking-glossary\">zero-day<\/a>\u2014in iMessage, which allowed the hackers to take over a target\u2019s phone by sending them a message that was effectively invisible. These kinds of attacks are called zero-click exploits, as they don\u2019t require the victim to click on anything.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"23.172413793103\"><\/p>\n<p>Citizen Lab <a href=\"https:\/\/citizenlab.ca\/2021\/09\/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild\/\" target=\"_blank\" rel=\"noopener\">wrote in a blog post<\/a> that it believes this zero-day was being used since at least February of this year.<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"27.631746031746\"><\/p>\n<p>Apple declined to comment. The company, however, credited Citizen Lab <a href=\"https:\/\/support.apple.com\/en-us\/HT212807\" target=\"_blank\" rel=\"noopener\">in a security update it published on Monday<\/a>.&nbsp;An NSO spokesperson wrote in an email that \u201cNSO Group will continue to provide intelligence and law enforcement agencies around the world with life saving technologies to fight terror and crime.\u201d<\/p>\n<p><\/span><\/p>\n<blockquote data-component=\"QuoteBlock\" class=\"abc__quote abc__quote--pullquote\" readability=\"7\">\n<p>\u201cPopular chat programs like iMessage are currently the royal road for nation state groups, and mercenary hackers to target phones.\u201d<\/p>\n<\/blockquote>\n<p><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"29\"><\/p>\n<p>This discovery will once again fuel the debate over whether iPhones have become too vulnerable to government hackers using sophisticated spyware, such as the one made by NSO.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"34\"><\/p>\n<p>\u201cWhat this really highlights is that popular chat programs like iMessage are currently the royal road for nation state groups, and mercenary hackers to target phones. Ubiquitous chat and messaging apps are a serious attack surface. And it&#8217;s time for them to get a lot more secure,\u201d John Scott-Railton, a senior researcher at Citizen Lab, told Motherboard in a phone call.&nbsp;<\/p>\n<p><\/span><span><\/p>\n<div class=\"adph adph--border\">\n<p>Advertisement<\/p>\n<\/div>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"28\"><\/p>\n<p>This discovery also shows that it\u2019s becoming harder for researchers to find these types of attacks.<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"34\"><\/p>\n<p>\u201cThe traditional way that we track this stuff is by having targets forward us suspicious things that they notice for analysis. But obviously, the target can&#8217;t notice anything in this zero click case. So it&#8217;s an example of the spyware industry increasingly going dark,\u201d Bill Marczak, another Citizen Lab researcher who investigated this attack, told Motherboard in a phone call.<\/p>\n<p><\/span><\/p>\n<blockquote data-component=\"QuoteBlock\" class=\"abc__quote abc__quote--blockquote\" readability=\"9\">\n<p><strong>Do you research vulnerabilities and exploits for iPhones? We\u2019d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wire\/Wickr @lorenzofb, or email lorenzofb@vice.com.<\/strong><\/p>\n<\/blockquote>\n<p><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"26.10888252149\"><\/p>\n<p>In July, a consortium of 17 media organizations, in collaboration with Amnesty International and non-profit Forbidden Stories, <a href=\"https:\/\/forbiddenstories.org\/about-the-pegasus-project\/\" target=\"_blank\" rel=\"noopener\">reported that they had obtained a list of 50,000 phone numbers<\/a> targeted by several NSO government customers. <a href=\"https:\/\/www.amnesty.org\/en\/latest\/research\/2021\/07\/forensic-methodology-report-how-to-catch-nso-groups-pegasus\/\" target=\"_blank\" rel=\"noopener\">A forensic analysis<\/a> done by Amnesty International found evidence of successful or attempted hacks on 34 phones.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"22.916666666667\"><\/p>\n<p>This discovery comes months after Apple implemented a security feature that was supposed to make it harder to use precisely these kinds of hacks against iPhones, <a href=\"https:\/\/www.vice.com\/en\/article\/pkd4kg\/apple-is-going-to-make-it-harder-to-hack-iphones-with-zero-click-attacks\">which Motherboard reported in February of this year<\/a>.&nbsp;<\/p>\n<p><\/span><span><\/p>\n<div class=\"adph adph--border\">\n<p>Advertisement<\/p>\n<\/div>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"28.478468899522\"><\/p>\n<p>Citizen Lab detailed in its blog post how it found the zero-day. In the post, researchers wrote that they were analyzing the iPhone of a Saudi activist and determined that it had been hacked with NSO\u2019s spyware Pegasus. Researchers told Motherboard that they attributed the attack to NSO by finding evidence that linked it to the hack of 36 journalists at Al-Jazeera, <a href=\"https:\/\/citizenlab.ca\/2020\/12\/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit\/\" target=\"_blank\" rel=\"noopener\">which Citizen Lab revealed in December of 2020<\/a>.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"34\"><\/p>\n<p>The researchers said that the result of the attack was invisible to the user, but they were able to find evidence that showed that iMessage had saved several attachments that appeared to be GIF files, but were actually PDF and PSD files. The evidence was stored in the activists\u2019 iPhone crash logs, which are details of recent crashes of the phone, which sometimes can sometimes provide indications of a hack.<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"24.679802955665\"><\/p>\n<p>\u201cProcessing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,\u201d Apple <a href=\"https:\/\/support.apple.com\/en-us\/HT212807\" target=\"_blank\" rel=\"noopener\">wrote in the patch\u2019s release notes<\/a>.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"28\"><\/p>\n<p>This new discovery will undoubtedly reignite the debate over whether Apple is doing enough to protect users against these kinds of attacks.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"31\"><\/p>\n<p>\u201cIt&#8217;s critically important that anybody who makes ubiquitous chat programs makes sure that those programs minimize the attack surface that those programs present. Otherwise, they will remain an irresistible target for nation state and mercenary hacking operations,\u201d Scott-Railton said.<\/p>\n<p><\/span><span><\/p>\n<div class=\"adph adph--border\">\n<p>Advertisement<\/p>\n<\/div>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"27\"><\/p>\n<p>Security experts have recently criticized Apple for the recent slew of discovered hacks.&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"33.443786982249\"><\/p>\n<p>Claudio Guarnieri, the head of the Security Lab at Amnesty International which did the Pegasus Project investigation, <a href=\"https:\/\/www.vice.com\/en\/article\/g5g3pq\/the-pegasus-project-tech-giants-need-to-do-more\">wrote in an recent op-ed<\/a> that \u201cperhaps next fall, instead of a phone with obnoxious amounts of cameras and pixels, I would welcome a more affordable, accessible, and secure device we could have some confidence in.\u201d&nbsp;<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"27\"><\/p>\n<p><em>This story has been updated to add NSO\u2019s statement.<\/em><\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"31\"><\/p>\n<p><strong>UPDATE, Sept. 14 a.m. ET<\/strong>: After the story was published, Apple sent the following statement by Ivan Krsti\u0107, head of Apple Security Engineering and Architecture: <\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"36\"><\/p>\n<p>&#8220;After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users. We\u2019d like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.\u201d<\/p>\n<p><\/span><span class=\"abc__textblock size--article\" data-component=\"TextBlock\" readability=\"25.803921568627\"><\/p>\n<p><em><strong>Subscribe to our cybersecurity podcast CYBER, <a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/cyber\/id1441708044\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/strong><\/em><\/p>\n<p><\/span><\/div>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/32632\/Apple-Patches-Zero-Click-iMessage-Hack-Used-By-NSO.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[9623],"class_list":["post-42846","post","type-post","status-publish","format-standard","hentry","category-packet-storm","tag-headlinephonedata-lossflawisraelpatchspywareapple"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Apple Patches Zero-Click iMessage Hack Used By NSO 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Patches Zero-Click iMessage Hack Used By NSO 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-14T15:28:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"432\" \/>\n\t<meta property=\"og:image:height\" content=\"435\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Apple Patches Zero-Click iMessage Hack Used By NSO\",\"datePublished\":\"2021-09-14T15:28:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/\"},\"wordCount\":1019,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"keywords\":[\"headline,phone,data loss,flaw,israel,patch,spyware,apple\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/\",\"name\":\"Apple Patches Zero-Click iMessage Hack Used By NSO 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"datePublished\":\"2021-09-14T15:28:52+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apple-patches-zero-click-imessage-hack-used-by-nso\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,phone,data loss,flaw,israel,patch,spyware,apple\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinephonedata-lossflawisraelpatchspywareapple\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Apple Patches Zero-Click iMessage Hack Used By NSO\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Apple Patches Zero-Click iMessage Hack Used By NSO 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/","og_locale":"en_US","og_type":"article","og_title":"Apple Patches Zero-Click iMessage Hack Used By NSO 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-09-14T15:28:52+00:00","og_image":[{"width":432,"height":435,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Apple Patches Zero-Click iMessage Hack Used By NSO","datePublished":"2021-09-14T15:28:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/"},"wordCount":1019,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"keywords":["headline,phone,data loss,flaw,israel,patch,spyware,apple"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/","url":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/","name":"Apple Patches Zero-Click iMessage Hack Used By NSO 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"datePublished":"2021-09-14T15:28:52+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/apple-patches-zero-click-imessage-hack-used-by-nso\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,phone,data loss,flaw,israel,patch,spyware,apple","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinephonedata-lossflawisraelpatchspywareapple\/"},{"@type":"ListItem","position":3,"name":"Apple Patches Zero-Click iMessage Hack Used By NSO"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42846","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=42846"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42846\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=42846"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=42846"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=42846"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}