Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware.
Source: BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild – The Citizen Lab