Well, I know the difference in the install procedure, so if any bombs were in there, they won't get installed. I disagree with the rudimentary part in that this was using a specific sender that Bezos would have dropped his guard for. That part takes some level of planning. Doesn't matter if it's China or Saudi Arabia, it's a targeted spoof, not a wide dispersible malware bomb.
FTI isn't an Apple specific firm. Of course the Apple guys, both Apple and security companies, are on edge. Because it means it's either a vulnerability that's not known. Or it could just be user error as everyone suspects. If it's a vulnerability. it should be shared, and not kept secret.