Apple and Google have released multiple software updates on Zero-Day attacks to their operating systems since learning about a piece of malware that may have been monitoring iPhone and Android users in more than 20 countries.
On Wednesday, Google patched a few security bugs in its Chrome browser and said one of the vulnerabilities was currently being exploited by hackers, even though it had not yet been patched. Unlike Google, the company provided no further information at the time.
Yet on Friday, Google updated the page to reveal that Apple’s security engineering team and its own Threat Analysis Group had found the bug, suggesting that hackers who would likely only be available to the government may have been behind this hacking campaign.
Apple also issued security updates for iPhones, iPads, Macs, Vision Pro, Apple TV, Apple Watches, and its Safari browser.
Apple said it was aware “that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals” operating devices earlier than iOS 26, according to a security advisory for iPhones and iPads.
That language is Apple’s standard way of affirming what it already knows: that some of its customers and users were targeted by hackers exploiting zero-day flaws, which were unknown to the software makers at the time they were exploited.
Most of the time, these are situations in which government hackers use commercial hacking tools and spyware developed by companies like NSO Group or Paragon Solutions to target journalists, dissidents, and human rights activists. Apple and Google did not immediately respond to a request for comment.
