
Apple's Spyware Alerts and 2025 closing thoughts!

On 2 December 2025, Apple sent threat notifications to users in 84 countries - one of the largest single waves since the programme launched.
Not a security tip. A direct, personal warning: your device may have been targeted by state-sponsored attackers. Apple reserves these alerts for situations where it believes a user is being hunted by well-resourced, sophisticated operators. Custom operations. Expensive. Almost always government-connected.

The alerts landed in the middle of a coordinated disclosure by Google, Amnesty International, and a consortium of investigative journalists focused on Intellexa - the company behind the Predator spyware platform. Already sanctioned twice by the US government, Intellexa had simply adapted: setting up shell companies to infiltrate advertising networks, and deploying a new infection method called "Aladdin" that silently compromises a device through a targeted banner ad.
There was no link to click, no file to open. Just an ad: served through a legitimate network that fingerprints the device and redirects it to an exploit server if it matches the target profile.

The Intellexa Leaks, published on 4 December, added the most disturbing detail: Intellexa's own staff retained live remote access, via TeamViewer, to the surveillance systems of their government customers.
In at least one training video, a staff member asked whether what they were watching was a test environment. The instructor confirmed it was live. Then, on 30 December, the US Treasury quietly removed three sanctioned Intellexa-linked executives from its watchlist. No press conference. No explanation.

The leaks also confirmed the "Aladdin" infection vector: a system designed to silently infect target phones simply by serving them a malicious digital advertisement, delivered through the normal advertising ecosystem, with no link to click and no file to open.
Google identified the shell companies Intellexa had set up to infiltrate advertising platforms and had them shut down. The ad networks themselves did not know they were being used.

Most cyberattacks exploit things organisations failed to fix. Predator is different: Intellexa has burned through at least 15 unique zero-day vulnerabilities in mobile browsers since 2021, buying them from independent researchers and using them until they are patched. Each exploit costs millions. The "Aladdin" delivery system, which infects a device silently through a targeted ad on a legitimate website, requires no interaction from the victim whatsoever. There is no suspicious link to avoid; the attack happens while the ad is being displayed.

How does that potentially affect you?

  • If you received an Apple threat notification, act immediately. Enable Lockdown Mode on your device and contact Amnesty International's Security Lab or Citizen Lab - both offer forensic support to targeted individuals. Do not dismiss the alert as a false positive.
  • Keep iOS and Android fully updated. Predator's exploits are burned the moment they are patched. An updated device is a significantly harder target. This is unglamorous advice but it is the single most effective mitigation against zero-click spyware.
  • This threat extends beyond obvious targets. Journalists and activists are the headline victims, but Predator has been used against family members of primary targets and employees at organisations of strategic interest. If your work involves sensitive data, cross-border finances, legal matters, or government counterparts, your personal device is part of your threat model.
  • Sanctions are not a defence strategy. Intellexa was sanctioned twice and kept operating. Organisations cannot deprioritise technical controls on the assumption that regulatory action will contain commercial spyware vendors.

As 2025 comes to an end, it was a year of incidents with familiar weaknesses, exploited at scale. Supply chain integrations trusted and forgotten. Cloud infrastructure left unpatched for years. Factories halted by a phone call. The same vishing playbook used over and over because it keeps working. The attacks that caused the most damage were not all technically sophisticated: they were patient, and they targeted the gap between the security posture organisations thought they had and the one they actually had.

The Apple spyware story is the exception that proves the rule. Predator is genuinely advanced, genuinely expensive, and genuinely hard to defend against. But it is aimed at a narrow slice of individuals. The ransomware groups that shut down hospitals, retailers, and car manufacturers this year were not. They were targeting every organisation that had not done the basics: patching, segmentation, staff training, third-party access controls, cyber insurance.

For 2026, expect more of the same - faster. AI is lowering the cost of phishing, vishing, and reconnaissance to near zero. Ransomware groups are professionalising at a rate that outpaces most organisations' ability to respond.
The fundamentals have not changed. They just matter more than ever.
