Apple Warns as Intellexa Leak Reveals ’Israeli’ Spyware Scope

By Staff, Agencies

Apple issued another wave of cyber threat alerts to users across the globe, the company announced on Friday, underscoring its continued push to safeguard customers from digital surveillance attempts.

Apple is among several major technology firms that routinely alert individuals when it detects activity suggesting they may have been targeted by state-backed hackers.

In its latest statement, the company confirmed that the notices were sent on December 2 but provided no additional information about the nature of the suspected spying, how many users were affected, or which actors might be responsible.

Past rounds of these warnings have sparked widespread attention and prompted government inquiries, including within the European Union, where senior officials have previously been targeted with sophisticated spyware.

Apple added that “to date we have notified users in over 150 countries in total.”

Apple's statement follows Google's Dec. 3 announcement that it was warning all known users targeted using Intellexa spyware, which it said spanned "several hundred accounts across various countries, including Pakistan, Kazakhstan, Angola, Egypt, Uzbekistan, Saudi Arabia, and Tajikistan."

A new collaborative investigation known as the “Intellexa Leaks,” conducted by Inside Story, “Haaretz”, and the WAV Research Collective with technical support from Amnesty International, has shed new light on the inner workings of Intellexa, a surveillance technology provider notorious for distributing the invasive Predator spyware linked to abuses in multiple countries.

Responding to the publication of the findings, Jurre van Bergen, a technologist with Amnesty International’s Security Lab, said, “This investigation provides one of the clearest and most damning views yet into Intellexa’s internal operations and technology.”

He continued by warning that “the fact that, at least in some cases, Intellexa appears to have retained the capability to remotely access Predator customer logs, allowing company staff to see details of surveillance operations and targeted individuals, raises questions about its own human rights due diligence processes.

If a mercenary spyware company is found to be directly involved in the operation of its product, then by human rights standards, it could potentially leave them open to claims of liability in cases of misuse and if any human rights abuses are caused by the use of spyware.”

Van Bergen noted that Predator had already been tied to earlier surveillance events, including a 2021 attack on Greek journalist Thanasis Koukakis, documented through forensic research by Citizen Lab.

The newly leaked material adds further weight to evidence linking Intellexa’s spyware to violations of privacy and free expression.

He added, “These revelations come as new cases of Predator spyware abuse show Intellexa’s product continues to unlawfully surveil activists, journalists, and human rights defenders. Amnesty International uncovered a summer 2025 attack in Pakistan, proving Predator is actively violating privacy and freedom of expression.”

Even more troubling, he said, is the company’s development of a next-generation spyware tool called Aladdin, "which can infect mobiles through online advertisements.”

The “Intellexa Leaks” inquiry is the result of months of work and draws on a cache of sensitive internal documents and materials from the company, including corporate records, sales and promotional content, and training videos.

Amnesty International’s Security Lab published an in-depth technical analysis of the leaked files, along with Intellexa founder’s response to “Haaretz’s” request for comment, in a report titled “To Catch a Predator: Leak exposes the internal operations of Intellexa’s spyware.”

Amnesty International has previously examined Intellexa’s tools and documented numerous abuses tied to Predator as part of its 2023 “Predator Files” investigation.

Further reporting on the Pakistan attack campaign and other new cases of spyware misuse will be released in a series of upcoming Amnesty International publications.

The growing revelations surrounding "Israel"-linked spyware firms like Intellexa highlight an alarming global trend: the normalization of invasive surveillance tools used against journalists, activists, and human rights defenders.

As technologies like Predator and now Aladdin continue to evolve and spread, they pose an escalating threat to privacy, freedom of expression, and civil liberties worldwide.

The latest leaks expose not only the technical reach of these tools but also the lack of accountability and regulation surrounding their deployment.

Without urgent international oversight and enforceable legal safeguards, the unchecked proliferation of such "Israeli" spyware risks entrenching digital repression and enabling widespread human rights violations across borders.