According to Foresight News, the chief information security officer of SlowMist, 23pds, has reported that the Pegasus group is exploiting a zero-click vulnerability in the iOS system. The attackers are using iMessage accounts to send malicious images with PassKit attachments to trigger the attack on victims. The exploitation chain has been made public, and Apple users can be infected without any click interaction. Apple has already released an emergency update to address the issue.