Apple released an update to the iPhone and iPad operating system on Thursday, and you should probably download and install it as soon as is possible. About 10 days ago, researchers at Citizen Lab, a University of Toronto tech research organization, and mobile security firm Lookout discovered three large security holes in Apple's iOS that could give someone with the right tool access to your entire phone — they could "read text messages and emails and track calls and contacts," The New York Times said, "even record sounds, collect passwords, and trace the whereabouts of the phone user" — and you would never know anything was going on.
Citizen Lab was tipped off when Ahmed Mansoor, a human rights activist in the United Arab Emirates, forwarded some suspicious text messages he was receiving, and sure enough, the messages contained code that would grant an outsider access to an entire phone. The researchers traced the code back to an Israeli cyber-espionage outfit called NSO Group, which The Times calls "one of the world's most evasive digital arms dealers." NSO spokesman Zamir Dahbash told The Times that "the company sells only to authorized governmental agencies, and fully complies with strict export control laws and regulations," but did not say if UAE had purchased its products. Along with Mansoor, NSO tools have been used to target people in Yemen, Turkey, Mozambique, Mexico, and Kenya.
You can learn more about the exploit at Gizmodo, Motherboard, and The New York Times, or watch the Associated Press report below, but upgrade your system before you do — Apple says the new update patches those gaping holes. Peter Weber