Apple is alerting users around the world that they may have been targeted by government spyware. This week, the company sent out a wave of Apple spyware notifications to individuals in over 100 countries, according to a message shared by one of the recipients.
So far, only two people have publicly confirmed they received the warning: Italian journalist Ciro Pellegrino and Dutch political commentator Eva Vlaardingerbroek.
Journalists and Activists Among the Targets
Pellegrino, who writes for Italian news outlet Fanpage, revealed in an article that Apple contacted him via email and text message on Tuesday. The warning stated that a state-sponsored spyware attack may have targeted him and others in multiple countries.
“Today’s notification is being sent to affected users in 100 countries,” the message read, according to Pellegrino.
In his article, Pellegrino wrote, “Did this really happen? Yes, it is not a joke.” He also emphasized that he was not the only person targeted. Apple did not specify which spyware or government agency was behind the attack.
The second person who came forward is Eva Vlaardingerbroek, a Dutch right-wing activist. She shared a screenshot of the Apple alert on X (formerly Twitter), claiming that the attack was a direct attempt to silence her.
“Apple detected a targeted mercenary spyware attack against your iPhone,” the alert stated. “This attack is likely targeting you specifically because of who you are or what you do.”
In her post, Vlaardingerbroek added, “This is an attempt to intimidate me, an attempt to silence me, obviously.”
Neither Pellegrino nor Vlaardingerbroek responded to TechCrunch’s request for comment.
Ongoing Spyware Campaigns and Prior Alerts
It’s unclear which spyware is involved in the current round of alerts. Apple previously issued similar notifications in 2023, also related to state-linked spyware attacks. These attacks often involve software created by private companies and sold to government clients, sometimes referred to as “mercenary” spyware.
This isn’t the first time journalists in Italy have been targeted. In February, WhatsApp notified Francesco Cancellato—another Fanpage journalist—that a spyware attack had been disrupted. The spyware in that case was linked to Paragon Solutions, an Israeli surveillance tech firm.
After Cancellato’s disclosure, two additional Italians affiliated with Mediterranea Saving Humans, a humanitarian NGO, also revealed they had been targeted by Paragon’s spyware.
Following the backlash, reports indicated that Paragon Solutions ended its relationship with the Italian government.
Apple, Google, and Meta have all adopted practices of notifying users when they detect credible signs of spyware or surveillance campaigns. While these alerts often contain limited technical detail, they are based on data collected from across the company’s security systems and threat intelligence.
Apple has not responded to media requests about the current wave of alerts. It remains unclear if the spyware campaign is still active or which actors are involved.
A Growing Concern for Civil Society
The rise in Apple spyware notifications underscores the growing global concern over government surveillance. Journalists, activists, and political figures are often the first to be targeted in these campaigns, which can compromise not only their communications but also their safety.
Digital rights groups like Citizen Lab have long investigated these threats and assist victims in understanding the nature of such attacks. Apple’s warning to victims usually recommends contacting one of these nonprofit organizations for support.
As cyber espionage tools become more advanced and accessible, companies like Apple continue to face pressure to defend their users and call out governments that misuse such technology.
