Technology giant Apple has warned of serious security vulnerabilities for iPhones, iPads and Macs that could potentially allow attackers to take complete control of these devices.
The Telegraph reports that the US group said it is "aware of a report that this issue may have been actively exploited".
It said the malicious application "may be able to execute arbitrary code with kernel privileges", which means the hacker could fully access the device.
The vulnerabilities could also process "maliciously-crafted web content" which "may lead to arbitrary code execution" on WebKit - Apple's browser engine used on various applications such as Safari, Mail and App Store.
Security experts have advised users to update affected devices, such as the iPhones6S and later models, several models of the iPad, including the fifth generation and later, all iPad Pro models and the iPad Air 2, as well as Mac computers running MacOS Monterey. It also affects some iPod models.
Rachel Tobac, chief of SocialProof Security, told the Telegraph that that the vulnerabilities mean a hacker could get "full admin access to the device" so that they can "execute any code as if they are you, the user".
Those who should be particularly attentive to updating their software are "people who are in the public eye" such as activists or journalists who might be the targets of sophisticated nation-state spying, Ms Tobac said.
Security reports
Apple released two security reports about the issue on Wednesday, although they did not receive wide attention outside of tech publications.
It did not say how, where or by whom the vulnerabilities were discovered.
Commercial spyware companies such as Israel's NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets' smartphones, siphons their contents and surveils the targets in real time.
NSO Group has been blacklisted by the US Commerce Department. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human-rights activists.
Security researcher Will Strafach said he had seen no technical analysis of the vulnerabilities that Apple has just patched. The company has previously acknowledged similarly serious flaws and, in what Mr Strafach estimated to be perhaps a dozen occasions, has noted that it was aware of reports that such security holes had being exploited.