A new security report has revealed that a dangerous flaw in Apple’s Messages app was used to spy on journalists. At the same time, businesses using SAP S/4HANA are being warned about a critical vulnerability that attackers are already exploiting. Both cases show how quickly hackers move and why updating software immediately is more important than ever.
Researchers at Citizen Lab confirmed that at least two European journalists had their iPhones infected with Paragon’s Graphite spyware. The spyware was delivered using a zero-click flaw, tracked as CVE-2025-43200, in Apple’s Messages app. Zero-click means the victim does not have to open or tap anything. Attackers only need to send a specially crafted message, and the infection happens automatically.
In this case, the spyware was sent using photos or videos through iCloud links that exploited a logic bug inside Messages. Once the malicious file arrived, the attackers gained full access to the phone without the victim’s knowledge. The spyware allowed them to steal messages, read chats from encrypted apps like Signal or WhatsApp, turn on the microphone, and monitor calls.
Apple acknowledged the flaw and confirmed that it may have been used in targeted attacks against high-risk individuals. The company patched the issue in updates released in February 2025, and later security updates also included the fix. Apple also sent out security notifications to people who might have been targeted. Citizen Lab’s investigation provided the first public confirmation that Paragon’s Graphite spyware was deployed in the real world against journalists.
This case highlights the growing threat of mercenary spyware vendors. These companies develop advanced hacking tools and sell them to governments or other groups that want to secretly monitor people. Even well-protected iPhones running the latest version of iOS were not safe until the patch was released. For everyday users, the best defense is simple: keep your devices updated to the latest version and take Apple’s security warnings seriously.
While Apple users face spyware threats, businesses running SAP S/4HANA must deal with another critical problem. Security researchers from SecurityBridge discovered a severe code-injection bug in S/4HANA, tracked as CVE-2025-42957. The flaw has a CVSS score of 9.9, which places it in the most serious category. Even accounts with low privileges can exploit the bug to inject ABAP code and gain full control of the system.
SecurityBridge confirmed that this vulnerability is already being actively exploited. That means attackers are not just testing it in labs but are using it to compromise real systems. Once inside, they can steal sensitive business data, commit financial fraud, or even deploy ransomware. For companies that rely on SAP to run core operations, this type of attack could cause massive disruption.
SAP responded by releasing fixes on its August 12, 2025 Patch Day. Security Note 3627998 and related updates address the flaw, and the company is urging all users to apply them immediately. National CERTs and cybersecurity agencies have also issued alerts, warning that attackers will continue to target unpatched systems aggressively. The longer companies delay, the greater the risk of serious damage.
Experts advise SAP administrators to patch without delay, but also to review logs for suspicious activity, rotate passwords, and isolate systems if compromise is suspected. Quick action is critical because this type of vulnerability can give attackers a direct path into the most sensitive parts of a business. In many cases, the difference between patching today and patching next week could be the difference between safety and a costly breach.
Both of these incidents, though very different, point to the same conclusion. Attackers are getting faster at weaponizing flaws, whether it is a zero-click exploit against individuals or a code-injection bug in enterprise systems. The gap between discovery and exploitation is shrinking. For individuals, updating Apple devices is essential protection. For organizations, applying SAP patches right away can prevent devastating attacks. In today’s threat landscape, speed and vigilance are the best shields we have.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
