Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Just a single malicious email can poison your AI agent’s memory: resea...
VIDA Demonstrates How Passwordless Authentication Can Break the Scam C...
New AI jailbreak techniques expose limits of safety defenses, prompt i...
The cyber incident that is too “isolated” to accentuate to mass media...
Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deploy...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

Zero-click vulnerability in the Apple ecosystem still a lingering concern

By CybersecAsia editors | Tuesday, June 17, 2025, 1:59 PM Asia/Singapore

Zero-click vulnerability in the Apple ecosystem still a lingering concern

A Jan 2025 incident, addressed since Feb 2025, is still a concern now due to the non-transparent disclosure and other factors.

A critical security flaw, identified as CVE-2025-43200, in Apple’s Messages app, had been exploited to deploy Paragon’s Graphite spyware targeting journalists, according to a report by The Hacker News on 13 June, 2025.

The Citizen Lab, a research group focused on cyber surveillance, uncovered evidence of the flaw being used against Italian journalist Ciro Pellegrino and another prominent European journalist in January and February 2025, using devices running iOS 18.2.1.

The attacks, described as highly sophisticated, enabled covert surveillance by accessing messages, cameras, microphones, and location data without victims’ awareness. When exploited, the zero click vulnerability required no user interaction to gain control, and allowed attackers to compromise devices by processing maliciously crafted photos or videos shared via iCloud Links.

The response by Apple was to notify affected users and issue threat alerts, although the firm had initially delayed disclosing the flaw’s existence, raising questions about transparency. Eventually, this zero-click vulnerability was addressed with software patches* on 10 February 2025. Apple’s response included patching another zero-day flaw, CVE-2025-24200, in the same updates, addressing vulnerabilities exploited in targeted attacks.

While the incident had occurred in the early part of 2025, concerns linger over the spyware linked to Paragon, a commercial surveillance vendor, about mercenary spyware targeting civil society members such as journalists and activists.

The Citizen Lab has noted that the infections contacted a server associated with an unidentified Paragon operator, consistent with previous reports of Graphite spyware targeting Italian human rights activists. This incident underscores the growing threat of zero-click exploits, which bypass user interaction and traditional security measures.

Even now, in June 2025, users and potential victims of such zero click vulnerabilities are urged to update to the latest software versions and consider enabling Lockdown Mode to reduce exposure to such threats.

*with updates across multiple platforms, including iOS 18.3.1, iPadOS 18.3.1, macOS Sequoia 15.3.1, and others, to implement enhanced validation checks

Share:

Previous‘Want to avoid Swiss Cheese cybersecurity? Heed Hammurabi’s Code!
NextWill robocall fraud start to decline in 2026 with stronger regulations?

Related Posts

Three cyber threats in 2025 are predicted to share the same rubric: AI

Three cyber threats in 2025 are predicted to share the same rubric: AI

Friday, December 20, 2024

How a large social enterprise transformed to meet digital threats head on

How a large social enterprise transformed to meet digital threats head on

Tuesday, April 20, 2021

Danger: accessing corporate data on personal devices at home is risky

Danger: accessing corporate data on personal devices at home is risky

Wednesday, September 16, 2020

Asia Pacific firms face rising levels of fraud

Asia Pacific firms face rising levels of fraud

Friday, July 2, 2021

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • VIDA Demonstrates How Passwordless Authentication Can Break the Scam Chain

    Monday, July 13, 2026
    KUALA LUMPUR, Malaysia, July 13, …Read More »
  • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

    Wednesday, July 8, 2026
    The Sparsa AI Enterprise Operating …Read More »
  • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

    Wednesday, July 8, 2026
    With data regions now spanning …Read More »
  • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

    Tuesday, July 7, 2026
    Strengthens DXC’s India presence with …Read More »
  • D-Link Brings Advanced AI Fall Detection and Privacy Protection to Home Elderly Care with the New DCS-8610 Wi-Fi Camera

    Monday, July 6, 2026
    Advanced technologies traditionally found in …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.