In a new report, researchers at the University of Toronto's Citizen Lab said the NSO Group, an Israeli spyware company, used what is known as a "zero-click exploit" to access the phone of an unnamed Saudi activist.

They also revealed that the NSO Group's flagship "Pegasus" spyware program was used to infect the activist's device.

"Whereas typical cyberattacks require a user to engage with a malicious piece of content - such as clicking on a rogue link - zero click exploits do not require any sort of interaction with devices' owners themselves," Lisa Plaggemier, interim executive director of the National Cyber Security Alliance, told CBS News.

"Once installed, Pegasus allows for a variety of controls that can siphon data or activate processes, such as the camera or microphone, on iOS or Android devices," Jerry Ray, COO of the cyber firm SecureAge, told CBS News.

More recently, Citizen Lab said the Pegasus spyware was used to hack 36 personal phones of journalists, producers, anchors, and executives at Al Jazeera. .

In a short statement to CBS News, the NSO Group said it will "continue to provide intelligence and law enforcement agencies around the world with life saving technologies to fight terror and crime.".

But cyber security analysts who spoke with CBS News disagreed with the framing from the NSO Group.

While Apple says the recent vulnerability is unlikely to impact the majority of its customers, cyber security analysts say the breach is nonetheless highly cornering