Security Affairs

MARCH 19, 2025

WhatsApp fixed a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware on the devices of targeted individuals. WhatsApp has addressed a zero-click, zero-day vulnerability exploited to install Paragon’s Graphite spyware on the devices of targeted individuals.

Spyware 95

Spyware Hacking Surveillance Media 95

Security Affairs

NOVEMBER 1, 2024

New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024. The updated iOS version (7.9.0) The updated iOS version (7.9.0)

Spyware 98

Spyware Media Hacking Malware 98

Security Affairs

APRIL 16, 2025

Attackers infiltrated the supply chain, embedding malware in pre-installed apps. The experts found malware-laced applications pre-installed on the phone. The malware injected via LSPatch into ~40 legitimate-looking apps, including messengers and QR scanners, is dubbed dubbed Shibai. ” continues the report.

Malware 128

Malware Manufacturing Mobile Spyware 128

Security Affairs

NOVEMBER 19, 2024

Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY , DEEPDATA, and DEEPPOST. Audio Record audio on compromised devices.

VPN 118

VPN Malware Spyware Authentication 118

Security Affairs

JUNE 29, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play (..)

Malware 89

Malware Spyware Cyber Attacks Technology 89

Security Affairs

JULY 4, 2025

A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported.

Spyware 78

Spyware Passwords Surveillance Data collection 78

Schneier on Security

NOVEMBER 24, 2021

Piling more on NSO Group’s legal troubles, Apple is suing it : The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. NSO Group’s Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers.

Spyware 350

Spyware Hacking Government Malware 350

Malwarebytes

JANUARY 9, 2025

Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates.

Malware 123

Malware Small Business Artificial Intelligence VPN 123

Security Affairs

APRIL 23, 2025

A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, Once the trojan gathers file information, attackers can instruct it to download and run extra modules to steal specific data.

Spyware 83

Spyware Software Malware Hacking 83

Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence.

Spyware 79

Spyware Surveillance Encryption Malware 79

SecureList

JUNE 23, 2025

In January 2025, we uncovered the SparkCat spyware campaign , which was aimed at gaining access to victims’ crypto wallets. The malware was distributed through unofficial sources as well as Google Play and App Store. The threat actor distributed apps containing a malicious SDK/framework. xml version="1.0" encoding="UTF-8"?>

Spyware 131

Spyware Malware Cryptocurrency Scams 131

Security Affairs

JUNE 15, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive npm Packages Disguised as Utilities Enable Remote (..)

Malware 74

Malware Spyware Ransomware Hacking 74

Security Affairs

NOVEMBER 16, 2024

NSO Group developed malware that relied on WhatsApp exploits to infect target individuals even after the Meta-owned instant messaging company sued the surveillance firm. ” NSO Group continued using WhatsApp exploits, including spyware called “Erised,” even after being sued for violating anti-hacking laws. .

Spyware 118

Spyware Surveillance Malware Hacking 118

Security Affairs

APRIL 8, 2025

In March 2025, WhatsApp addressed a zero-click, zero-day vulnerability exploited to install Paragons Graphite spyware on the devices of targeted individuals. WhatsApp blocked a spyware campaign by Paragon targeting journalists and civil society members after reports of the Citizen Lab group from the University of Toronto.

Spyware 116

Spyware Surveillance Media Hacking 116

Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware 145

Spyware Mobile Social Engineering Surveillance 145

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. This AES key is then encrypted using a hardcoded public RSA key embedded in the spyware.

Spyware 143

Spyware Malware Encryption Data collection 143

Security Affairs

FEBRUARY 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 73

Malware Spyware Ransomware Hacking 73

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 74

Malware Spyware Government Mobile 74

Security Affairs

JANUARY 5, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 66

Malware Spyware Ransomware Hacking 66

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware 143

Spyware Mobile Surveillance Malware 143

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 244

Malware Advertising Marketing System Administration 244

Adam Levin

NOVEMBER 26, 2019

The data contained a wide array of records, including full names, credit card details, client login information, email addresses, home addresses and hotel reservations. The personally identifiable information of children was included in several of the records.

B2B 295

B2B Spyware VPN Phishing 295

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Architecture Software 143

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius.

Spyware 143

Spyware Surveillance Malware Mobile 143

Security Affairs

DECEMBER 8, 2024

warn of PRC-linked cyber espionage targeting telecom networks U.S. Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence 103

Artificial Intelligence Spyware Hacking Ransomware 103

Malwarebytes

APRIL 28, 2021

Using a proven method of text messages about missed deliveries, an old player on the Android malware stage has returned for an encore. This time it seems to be very active, especially in the UK where Android users are being targeted by text messages containing a link to a particularly nasty piece of spyware called Flubot.

Spyware 139

Spyware Banking Malware Passwords 139

Security Affairs

NOVEMBER 3, 2023

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. The bad news is that, in some cases, threat actors spread malware-laced mods to infect as many devices as possible.

Spyware 136

Spyware Malware Mobile Advertising 136

Dark Reading

JULY 21, 2022

The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.

Spyware 129

Spyware Malware 129

Security Affairs

JANUARY 17, 2024

Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a “lightweight method,” called iShutdown, to identify the presence of spyware on Apple iOS devices.

Spyware 140

Spyware Mobile Malware Surveillance 140

Krebs on Security

MAY 30, 2019

Federal Communications Commission (FCC), executed a search warrant in tandem with the Royal Canadian Mounted Police (RCMP) at the home of a Toronto software developer behind the Orcus RAT , a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

Computers and Electronics 255

Computers and Electronics Malware Software Telecommunications 255

Security Affairs

DECEMBER 3, 2021

Apple warns that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s Pegasus spyware. The iPhones of at least nine US state department officials were compromised with the NSO Group’s spyware Pegasus. “Apple Inc iPhones of at least nine U.S.

Spyware 133

Spyware Surveillance Hacking Government 133

SecureList

MAY 15, 2025

Percentage of ICS computers on which denylisted internet resources were blocked, Jan 2022Mar 2025 Changes in the percentage of ICS computers on which initial-infection malware was blocked lead to changes in the percentage of next-stage malware. times more than in the previous quarter) and malicious documents (1.1 pp) respectively.

Spyware 85

Spyware Phishing Internet Internet 85

The Hacker News

MAY 6, 2024

Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and Arm-based Macs.

Spyware 129

Spyware Malware Cybersecurity 129

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 127

Spyware Malware Mobile Marketing 127

Security Affairs

MAY 30, 2024

Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. The macOS version of LightSpy supports 10 plugins to exfiltrate private information from devices. The flaw resides in WebKit and impacts macOS version 10.13.3 and iOS versions before 11.4.

Spyware 137

Spyware Malware Surveillance Mobile 137

Krebs on Security

SEPTEMBER 12, 2023

7, researchers at Citizen Lab warned they were seeing active exploitation of a “zero-click,” zero-day flaw to install spyware on iOS devices without any interaction from the victim. Citizen Lab says the bug it discovered was being exploited to install spyware made by the Israeli cyber surveillance company NSO Group.

Spyware 325

Spyware Software Surveillance Authentication 325

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 63

Malware Spyware Antivirus VPN 63