Pegasus is one of the most powerful spyware tools in the world, and now experts say Apple’s newest iPhone update is making it harder to find. The software, created by the Israeli company NSO Group, can secretly infect smartphones and give hackers or government agencies full access to everything on a device. That includes texts, calls, photos, passwords, and even the phone’s microphone and camera. What makes Pegasus even more alarming is that it doesn’t require the user to click a link or download anything. It can break into a phone silently and leave no obvious signs of tampering.
For years, cybersecurity researchers have used a file hidden deep in the iPhone’s system to look for clues of Pegasus activity. This file, called shutdown.log, tracked things like when the phone restarted, crashed, or shut down unexpectedly. Those system patterns often helped investigators identify Pegasus infections. But with Apple’s new iOS 26 update, that file is no longer reliable. The system now automatically deletes or overwrites it every time the phone restarts, erasing important forensic evidence that could reveal if a device was compromised.
Researchers say this change means that once a phone reboots, any proof of a Pegasus attack might be gone forever. It is a major setback for digital investigators and human rights organizations who rely on those system traces to confirm spyware attacks on journalists, activists, and political figures. Experts believe Apple didn’t make this change to protect hackers, but rather to improve device performance and reduce unnecessary storage use. Still, it’s an unexpected blow to the cybersecurity community.
Apple has not publicly commented on the change, though the company has built its reputation on user privacy and security. It has even sued NSO Group and warned users when their devices might have been targeted by spyware. However, privacy experts say that by removing key forensic data, Apple has made it harder for outside watchdogs to hold powerful governments and spyware makers accountable.
Pegasus has been at the center of global controversy since investigations revealed it was used to monitor journalists, opposition leaders, and activists in several countries. In some cases, even the phones of U.S. diplomats working overseas were targeted. The spyware’s reach is global, and while most ordinary users are unlikely to be affected, the issue highlights how fragile digital privacy can be.
Apple’s latest update may help phones run smoother, but it also makes it easier for Pegasus and similar tools to operate undetected. With spyware already one step ahead, experts are urging Apple to restore access to forensic files that help protect the people most vulnerable to surveillance. For now, one of the world’s most dangerous digital weapons just became a little harder to spot.
Video:
Rachel Maddow sounds the alarm on Donald Trump’s latest move to track the phones of all Americans: “This turns your own phone into a spy against you. This is a surviellance capability I have been laying awake at night thinking about for the past couple of years” pic.twitter.com/pF1g1LQgJ9
— Marco Foster (@MarcoFoster_) October 28, 2025
