Apple has released a major software update due to a vulnerability in the iOS operating system.
Pegasus spyware could allow hackers to access messaging app iMessage even if users don't click on a link or file, research firm Citizen Lab found.
According to Citizen Lab, the vulnerability is being exploited by the Israeli cyber-espionage company NSO Groep, which can take over the messaging app on iPhones, Mac computers and Apple Watches with so-called Pegasus spyware.
Citizen Lab discovered that a Saudi activist's iPhone had been infected with this spyware for over six months.
According to the research firm, users usually do not realize that they have been hacked, because the devices get infected without users clicking on fraudulent links.
The software could, among other things, enable a user's camera and microphone.
It could also send messages.
"The spyware can do everything an iPhone user can do on their device and more," said a Citizen Lab researcher.
However, according to security experts, most Apple users need not worry as such attacks are usually highly targeted.
Still, Apple is calling on users to perform the software update as soon as possible.
NSO neither confirms nor denies being behind the spyware.
"We continue to provide intelligence agencies around the world with life-saving technologies to fight terror and crime," the company said in a statement to