A French document detailing what someone should do when alerted by Apple about a security threat confirms that a new threat notification campaign occurred on September 3.

Apple has been sending out multiple threat notifications to individuals across various countries and professions in recent months. One alert went to Iranians in July while another went across 100 countries in April.

According to a document from CERT-FR, an incident management branch of the French National Agency for the Security of Information Systems, there have been four threat notification incidents recorded in 2025. Those are March 5, April 29, June 25, and September 3.

The document notes that anyone that receives the notification from Apple will have at least one device that has potentially been compromised on that Apple Account. The notification should alert the user to freeze all use of their technology and devices get turned over so the investigation can occur without interruption.

Threat notifications appear in iMessage and an email from Apple. The email address will either be [email protected] or [email protected].

CERT-FR asks that individuals that receive the notifications immediately contact them via their contact webpage. Hold onto the notification email from Apple and don't make any changes to the equipment.

The document also notes that users can take simple steps to reduce their risk of being compromised by the hackers.

Translated from French:

  • Update equipment as quickly as possible with the latest version. Apple updates often fix vulnerabilities exploited by spyware
  • Enable automatic updates, including security updates
  • Partition as much as possible for personal and professional use, ideally using different devices
  • Activate the "Isolation Mode" to strengthen the security of your Apple devices
  • Restart your device regularly, ideally once a day
  • Do not click on suspicious links or attachments
  • Configure a robust and unique access code
  • Use two-factor authentication as soon as possible
  • Avoid installing unknown applications or from alternative app stores

Apple is on top of threats

These threat notifications are something the average Apple user should never encounter. They occur only when journalists, lawyers, politicians, and other senior officials are targeted by sophisticated attacks that are generally sponsored by government or terrorist entities.

Apple is also constantly finding ways to close the attack vectors utilized by popular tools and agencies from Pegasus and others. The iPhone 17 lineup introduced a new Memory Integrity Enforcement feature that should stop many of the more sophisticated attacks.

The annual Security Research Device Program has also opened to give researchers an opportunity to probe the latest iPhones for vulnerabilities.

Apple takes device security quite seriously, which is why many governments and enterprises choose iPhone above all else. Perhaps continued enhancements to the iPhone and other Apple product security will lead to fewer threat notifications in the future.