This is where I'd rather see Apple engineers spend their image scanning powers on.
Now that the vulnerability is known, it is easy to implement an algorithm that identifies malicious files exploiting this vulnerability. No need to train an AI or anything.
Apple could run that algorithm on all images stored in the iCloud, and potentially also on handsets. This would immediately turn up all iThings that are or were compromised using this exploit today or months ago, and help us identify a lot of other NSO customers.