Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users.

On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the bugs was being actively exploited by hackers before the company had time to patch it. 

Unusually for Google, the company provided no further details at the time. 

But on Friday, Google updated the page to say that the bug was discovered by Apple’s security engineering team and Google’s Threat Analysis Group, whose security researchers primarily track government hackers and mercenary spyware makers, indicating that the hacking campaign may have been orchestrated by government-backed hackers.

At the same time, Apple released security updates for its flagship products, including iPhones, iPads, Macs, Vision Pro, Apple TV, Apple Watches, and its Safari browser.

According to the security advisory for iPhones and iPads, Apple patched two bugs and the company said it was aware “that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals” running devices prior to iOS 26.

That language is Apple’s typical way of saying that it knows some of its customers and users were targeted by hackers exploiting zero-days, meaning flaws that at the time of exploitation are unknown to the software makers. Often, these are cases where government hackers used hacking tools and spyware made by companies such as NSO Group or Paragon Solutions to target journalists, dissidents, and human rights activists. 

Apple and Google did not immediately respond to a request for comment.