https://wikileaks.org/ciav7p1/cms/page_29032469.html
https://wikileaks.org/ciav7p1/cms/page_20250978.html If this link works look in the list for 'HAMR'.
Is this what you are looking for? These were documents from the revelation of the CIA's 'Vault 7' files.
Every one of those have been looked at by Mac and iOS programming experts and they ALL required physical possession of the device and the users’ passcode to install. I.E., they essentially could only be installed with the help of the user. They were Trojans, installed by way of planting them on a Mac, then doing a restore of the iOS device from a backup on the users’ Mac, entering the user’s iOS passcode to initiate the full backup, to install the maliciously altered app. It notes that the vulnerabilities would not survive updates from Apple. They didn’t. Keep in mind these all came from Snowden’s downloads circa 2013 and before.
That being said, I have no doubt that the NSA has continued their efforts in these areas. In fact, I would be disappointed if they had discontinued them. That’s their job.