https://www.npr.org/2025/11/08/nx-s1-5585691/ice-facial-recognition-immigration-tracking-spyware
So, basically this story broke at the end of last year. I’ve been trying to find follow up details, but when I’m finding is both vague and scarce.
How does this attack work? Are recent iPhones/GrapheneOS safe from this sort of attack?
The spyware mentioned in the article is from Paragon. CitizenLab has an excellent analysis of it after it was used in Italy:
So are phones safe today? Unknown. The exact CVEs exploited in this attack have been patched but the point of zero-days is they aren’t known.
If you are concerned about this kind of attack, the only known effective mitigations are to use Lockdown Mode on iOS or GrapheneOS on a pixel. These two approaches have no documented effective attacks against them from zero-click spyware like Paragons Graphite.
Other steps to take are to disable auto download of attachments/images in all Messaging apps and in your email app and download iVerify to provide a means of detecting (but not preventing) attacks.