This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
court ruled in favor of WhatsApp against NSO Group, holding the spyware vendor liable for exploiting a flaw to deliver Pegasus spyware. court over exploiting a vulnerability to deliver Pegasus spyware. ” reads the court document. WhatsApp won a legal case against NSO Group in a U.S. ” The U.S.
New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024. The updated iOS version (7.9.0) The updated iOS version (7.9.0)
Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. First, forensic traces showed that Serbian police used a Cellebrite tool to unlock and extract data from his device without informing him, obtaining legal consent, or disclosing the searchs purpose.
Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). reads the court document.
Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents.
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents.
North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Kaspersky first documented the operations of the group in 2016. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence.
A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, Once the trojan gathers file information, attackers can instruct it to download and run extra modules to steal specific data.
Amnesty International documented the incident. The forensics analysis conducted by Amnesty found that the Serbian police used the Cellbrite’s exploit to unlock Vedran’s Samsung Galaxy A32 and install an unknown Android application likely linked with NoviSpy spyware. added Donncha Cearbhaill.
The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from open directories on attacker infrastructure. These documents suggest the existence of an iOS conversion of the spyware that has yet to be uncovered.
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Critical Sudo bugs expose major Linux distros to local Root exploits Google fined $314M for misusing idle Android users’ data A flaw in Catwatchful spyware exposed logins of +62,000 users China-linked group Houken hit French organizations using zero-days Data (..)
CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)
Attacks on Middle Eastern countries Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers Microsoft patches Windows Kernel zero-day exploited since 2023 Trump Cryptocurrency Delivers ConnectWise RAT EMERGING THREATS LockBit 4.0
million patients Crooks exploit the death of Pope Francis WhatsApp introduces Advanced Chat Privacy to protect sensitive communications Android spyware hidden in mapping software targets Russian soldiers Crypto mining campaign targets Docker environments with new evasion technique The popular xrpl.js
CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog A member of the Scattered Spider cybercrime group pleads guilty The controversial case of the threat actor EncryptHub PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets EDR-as-a-Service (..)
CVSS) in IOS XE That Enables Root Exploits via JWT Internet tracking: How and why were followed online Google to pay Texas $1.4 CVSS) in IOS XE That Enables Root Exploits via JWT Internet tracking: How and why were followed online Google to pay Texas $1.4
The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. ” The attack chain begins with spear-phishing messages that include a link to an alleged important document to download. The link points to files containing spyware that could infect both Mac OS or Windows systems.
Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The post Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware appeared first on Security Affairs. ” states the report.
The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. ” In December a report published by CitizenLab, when its researchers detailed the use of the Predator Spyware against exiled politician Ayman Nour and the host of a popular news program. To nominate, please visit:?
Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.
Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.
Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018 to June 2021. The iPhone of New York Times journalist Ben Hubbard was repeatedly infected with NSO Group’s Pegasus spyware. The device was compromised two times, in July 2020 and June 2021.
Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy.
A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.
The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. The malware also implements ransomware behavior, it is able to encrypt files and display a ransom note. Pierluigi Paganini.
Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. The macOS version of LightSpy supports 10 plugins to exfiltrate private information from devices. However, their potential functionality is known based on panel analysis.”
Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.
Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. According to Lookout, the Hermit spyware was likely developed by Italian surveillance vendor RCS Lab S.p.A ” reads the analysis published by Lookout.
Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging to Bahraini activists. Researchers from Citizen Lab spotted a zero-click iMessage exploit that was used to deploy NSO Group’s Pegasus spyware on Bahraini activists’ devices.
Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. The malware was designed to spy on the target systems, exfiltrate documents, acquire keystrokes, and screen captures. Experts have yet to determine how the victims are initially compromised by this spyware.
A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.
FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs.
Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. Amnesty International has not documented human rights violations by NilePhish directly linked to FinFisher products.” ” reads the Amnesty’s report.
Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure.
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. The Vx-undergroud researchers shared some images of several confidential documents that appear to be the commercial offer of Intellect. Threat actors could use these exploits by tricking targets into clicking on a link.
Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S
Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function.
On February 16th, an account linked to that email uploaded a batch of files including marketing documents, images, screenshots, and a substantial collection of WeChat messages exchanged between I-SOON employees and clients. The alleged data breach revealed the capabilities of the China-linked hacking contractor.
TechCrunch reported that a zero-day exploits for popular applications like WhatsApp “are now worth millions of dollars” TechCrunch obtained leaked documents that demonstrate that, as of 2021, a zero-click, zero-day exploit for the Android version of WhatsApp had a bounty between $1.7 and $8 million.
The Vermin group attempted to deploy two malicious codes in this campaign, the previously known Spectr spyware, and a new malware family dubbed Firmachagent. “The PowerShell code is designed to download components of the SPECTR malware (which steals documents, screenshots, browser data, etc.)
In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users.
The archive contains LNK (shortcut) files that extract and execute JavaScript code while displaying a decoy document (usually a photo of an ID, credit card, or a bill to prove the physical address).
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content