It is a ‘zero-click’ exploit, meaning it does not require any user interaction for an attack to be successful. The exploit was discovered by internet research group CitizenLab, which said it was used by spyware company NSO Group to infect the phone of a Saudi Arabian human rights activists with Pegasus spyware.ĬitizenLab said the exploit, which it is calling ForcedEntry, may have been used by NSO Group as early as February. Researchers said the exploit, dubbed ForcedEntry, has been used to infect Apple devices with the Pegasus spyware.Īpple has released an update to address a security flaw affecting iPhones, iPads, Apple Watches and Macs.Īll users are strongly urged to update to iOS 14.8, iPadOS 14.8, WatchOS 7.6.2 and MacOS Big Sur 11.6 immediately to ensure they are protected against the issue.