Apple has released a software update to prevent "zero-click" spyware from infecting iPhones and iPads.
The flaw, which allows hackers to access devices via the iMessage service even if users do not click on a link or file, was discovered by independent researchers.
According to the researchers, the issue affects all of the technology giant's operating systems.
The security update was released in response to a "maliciously crafted" PDF file, according to Apple.
The Citizen Lab at the University of Toronto had previously discovered evidence of zero-click spyware, but "this is the first one where the exploit has been captured so we can figure out how it works," according to researcher Bill Marczak.
The previously unknown vulnerability, according to the researchers, affected all major Apple devices, including iPhones, Macs, and Apple Watches.
Citizen Lab also claimed that the security flaw was used to install spyware on a Saudi activist's iPhone and that it had high confidence that the attack was carried out by the Israeli hacker-for-hire firm NSO Group.
NSO did not confirm or deny that it was behind the spyware in a statement to the Reuters news agency, saying only that it would "continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime."
Although the discovery is significant, security experts say that most users of Apple devices should not be alarmed because such attacks are usually highly targeted.
After learning of a report that the flaw "may have been actively exploited," Apple issued the iOS 14.8 and iPadOS 14.8 software patches, according to a blog post.
The news came as the tech giant was preparing to reveal new devices at its annual launch event on Tuesday.
Apple is expected to announce new iPhones, as well as updates to its AirPods and Apple Watch.
Apple's iMessage is one of the most secure messaging apps on the market, but it clearly had a dangerous flaw that was discovered and exploited by a hacking team.
Apple, which prides itself on being a secure and safe system, will be embarrassed by the news.
The news could further tarnish NSO Group's image, which has already been tarnished by recent allegations of widespread spying on innocent people.
It also proves that no device is completely secure if a determined, well-funded team wants to hack it and is paid well enough to do so.
The general consensus is that iOS users should update their device's security software as soon as possible to close the security hole.
However, the chances of becoming a victim of this expensive and highly skilled hacking are slim for the vast majority of users.