A notice has been issued to Apple by the Ministry of Electronics and Information Technology (MeitY) after the company sent a new round of “mercenary spyware” threat notifications to several users in India, according to officials familiar with the development. The move comes as the Indian Computer Emergency Response Team (CERT-In) has urged affected users to update their devices and seek technical assistance if needed.
CERT-In Issues Advisory After Apple Alerts
CERT-In released an advisory on December 5 asking users who received Apple’s notification to immediately update their devices, enable additional security protections and approach the agency for technical support.
“Any user who has received such notification and wishes to get their Apple devices examined or benefit from technical assistance is requested to reach out to CERT-In via email: submitmobile@cert-in.org.in,” the agency stated.
The advisory, numbered CIAD-2025-0048, notes that Apple has flagged attempts to remotely compromise devices linked to users’ Apple IDs. It has “strongly” advised recipients to install iOS update 26.1, update messaging and cloud applications, enable Lockdown Mode and remain cautious of suspicious prompts.
New Round of Global Alerts by Apple and Google
The latest round of threat notifications was sent by Apple and Google on December 2 and 3 to users globally who may have been targeted by state-sponsored or mercenary spyware operations. Such alerts typically indicate that hostile actors attempted to break into a user’s device using high-end surveillance tools.
Apple’s warnings are based on internal threat intelligence signals, though the company does not attribute the attacks to any specific government.
Concerns Over Increasing Sophistication of Spyware
Cybersecurity specialists say the escalation reflects both the severity of such attacks and the potential for opportunistic exploitation.
Meghna Bal, director at the Esya Centre, said commercial spyware continues to weaken both global and domestic cybersecurity frameworks.
“Hostile actors can exploit the same vulnerabilities used by mercenary surveillance tools. Unfortunately, these attacks are likely to become more frequent and sophisticated,” she said.
Bal added that governments must work toward non-proliferation frameworks and closer collaboration with industry on threat intelligence, even though such coordination remains difficult.
Previous Alerts Had Triggered Government Action
This is not the first instance of Apple’s threat notifications prompting official engagement in India. In 2023, MeitY sought clarification from the company after several opposition politicians and journalists reported receiving similar alerts.
Apple subsequently met MeitY and CERT-In, stating that its notifications were based on internal security indicators and were not linked to or directed against any government.
Awaiting Apple’s Response to Notice
Moneycontrol has reached out to Apple for comment on the notice issued by MeitY. The report will be updated once the company responds.
