Apple's Delay in Disclosing iPhone Spyware Exploit Sparks Transparency Concerns
June 12, 2025
The delay in disclosure has raised questions about transparency, especially since Apple had fixed the issue months earlier.
Citizen Lab, which investigated the attacks, reported that Apple did not disclose the flaw until pressured by its findings.
The Italian government has acknowledged using Paragon's spyware against specific individuals, although it has not confirmed who targeted the journalists.
Citizen Lab reached out to Paragon for a response to its findings but had not received a reply by the time of publication.
The report published by Citizen Lab highlights that both targeted phones communicated with the same Graphite command-and-control server, indicating a coordinated effort.
The spyware was delivered through a zero-click exploit via iMessage, meaning victims did not need to interact with any malicious messages.
Apple defends its policy of disclosing bugs only after they have been fixed, but critics argue this approach leaves users unaware of potential risks.
Individuals at risk are advised to enable Lockdown Mode and to respond urgently to Apple threat notifications to enhance security against sophisticated spyware attacks.
This incident underscores the ongoing risks associated with mobile device security, particularly for high-profile individuals such as journalists.
On June 12, 2025, researchers confirmed that two European journalists had their iPhones hacked using Paragon spyware, prompting Apple to announce a fix for the exploited zero-day bug.
The vulnerability, identified as CVE-2025-43200, involved Apple's iCloud Link feature, allowing a single malicious photo or video to trigger spyware installation without user awareness.
This flaw was patched in iOS version 18.3.1, but concerns arose regarding Apple's delay in disclosing the exploit details until June 11, 2025.
Summary based on 10 sources
Sources

TechCrunch • Jun 12, 2025
Apple fixes new iPhone zero-day bug used in Paragon spyware hacks
BleepingComputer • Jun 12, 2025
Graphite spyware used in Apple iOS zero-click attacks on journalists
9to5Mac • Jun 12, 2025
Apple quietly fixed an iPhone zero-day flaw used against journalists
MacRumors • Jun 12, 2025
Apple Quietly Fixed Zero-Day Exploit Used in Paragon Spyware Attack