ZecOps originally said that it found its evidence through digital clues left behind in iOS, adding that it couldn’t obtain proof in the form of messages as they had been deleted from targets’ phones. In a response to Apple’s statement, the company reiterated its stance that it had seen “triggers in-the-wild” for the exploit and that once the update has been pushed to users it will “release more information and POCs (proof of concepts)” to further clarify its original findings.

A security researcher from Jamf told the WSJ that the evidence of attacks was “compelling” but not authoritative. In any even, while Apple is now saying that the vulnerabilities weren’t exploited in the wild, they were clearly still serious enough to warrant a patch.