Tag: spy
-
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth audio SDK that makes it possible to pair a Bluetooth audio device…
-
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users’ conversations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-fixes-beats-studio-buds-flaw-that-let-hackers-spy-on-conversations/
-
China-Nexus Actor Spy on US Researchers Undetected for a Year
Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to target numerous institutions and exfiltrate sensitive data. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-nexus-actor-us-researchers-undetected
-
Velvet Ant Hackers Backdoor OpenSSH and PAM to Spy on Critical Infrastructure Network
Tags: access, authentication, backdoor, china, cyber, hacker, infrastructure, Internet, network, spyA long-running, highly disciplined intrusion attributed to the China-nexus actor known as Velvet Ant has been revealed as a near-decade campaign of silent access that culminated in the replacement of core authentication components OpenSSH binaries and PAM modules across a segregated critical-infrastructure network. The intrusion chain began with compromises of internet-facing systems where the operator…
-
Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers took control of a target organization’s authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/
-
Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers took control of a target organization’s authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/
-
Major US surveillance program poised to lapse after legislative deadlock
It is the first lapse of the spy program, known as Section 702 of the Foreign Intelligence Surveillance Act (FISA), since it was passed into law in 2008. First seen on therecord.media Jump to article: therecord.media/major-us-surveillance-program-set-to-lapse-702-fisa
-
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
The spy law known as Section 702, which authorizes the NSA and FBI’s warrantless surveillance, will all but certainly expire on Friday for the first time. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/12/us-spy-law-to-expire-for-first-time-after-lawmakers-reject-trumps-controversial-pick-to-lead-spy-agencies/
-
US spy law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
The spy law known as Section 702, which authorizes the NSA and FBI’s warrantless surveillance, will all but certainly expire on Friday for the first time. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/12/us-spy-law-to-expire-for-first-time-after-lawmakers-reject-trumps-controversial-pick-to-lead-spy-agencies/
-
US spy law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
The spy law known as Section 702, which authorizes the NSA and FBI’s warrantless surveillance, will all but certainly expire on Friday for the first time. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/12/us-spy-law-to-expire-for-first-time-after-lawmakers-reject-trumps-controversial-pick-to-lead-spy-agencies/
-
Trump Risks Key Surveillance Authority Over ‘Unqualified’ Spy-Chief Pick
US lawmakers are alarmed that Bill Pulte, a housing official with no intelligence experience, is poised to take charge of one of the government’s most powerful surveillance tools. First seen on wired.com Jump to article: www.wired.com/story/trump-risks-key-surveillance-authority-over-unqualified-spy-chief-pick/
-
Hackers pose as women seeking romance to spy on Russian soldiers
The group, dubbed SiribClone by Russian cybersecurity firm F6, has been active since at least the summer of 2025 and has primarily targeted members of the Russian armed forces stationed in border regions and combat zones. First seen on therecord.media Jump to article: therecord.media/hackers-pose-as-women-seeking-romance-russian-military
-
Russia upgrades rules for its digital spy system to better track citizens online
New regulations published by Russia’s Ministry of Digital Development at the end of May updated the technical standards governing SORM, formally known as the System for Operative Investigative Activities. First seen on therecord.media Jump to article: therecord.media/russia-upgrades-rules-for-digital-spy-system-sorm
-
Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen…
-
Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen…
-
China Using LinkedIn to Recruit Government Insiders
Five Eyes Agencies Document 5-Step Chinese Job Platform Spy Scheme. The Five Eyes intelligence agencies issued a rare joint bulletin warning that Chinese military intelligence is using LinkedIn, Indeed, and Upwork to recruit government and military insiders. The operation targets clearance holders, military personnel, academics and journalists. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/china-using-linkedin-to-recruit-government-insiders-a-31861
-
Russia claims foreign spy agencies hacked officials’ phones
In a statement, Russia’s Federal Security Service (FSB) said it had uncovered what it described as a “large-scale operation” involving malicious software installed on the mobile devices of senior Russian officials. First seen on therecord.media Jump to article: therecord.media/russia-claims-foreign-spy-agencies-hacked-gov-officials
-
FSB Group Gamaredon Hides Worm in Windows Data Streams
FSB-linked Gamaredon concealed a fileless worm in NTFS data streams to spy on Ukraine targets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gamaredon-worm-ntfs-data-streams/
-
Websites Can Now Spy on You Through Your Hard Drive
Tags: spyThanks to the newly detailed FROST technique, telltale SSD activity can be measured in the browser using simple JavaScript. First seen on wired.com Jump to article: www.wired.com/story/websites-can-now-spy-on-you-through-your-hard-drive/
-
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
Showboat doesn’t show off, but clearly it doesn’t need to, as it’s long helped China spy on small market communications providers. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apts-linux-backdoor-telco-attacks
-
ODNI taps officials to coordinate response to foreign election threats
Director of National Intelligence Tulsi Gabbard has tapped two individuals to coordinate work across U.S. spy agencies to monitor threats to the 2026 elections, according to multiple sources familiar with the matter. First seen on therecord.media Jump to article: therecord.media/odni-taps-officials-to-coordinate-response-to-election-threats
-
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations. First seen on hackread.com Jump to article: hackread.com/chinatwill-typhoon-fake-apple-yahoo-sites-espionage/
-
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America and southeastern Europe. The campaign focuses on long-term access and data theft, combining advanced backdoors like NetDraft and CloudSorcerer with aggressive network reconnaissance and credential theft. Researchers assess with high confidence…
-
North Korean APT Targets Yanbian Gamers via Trojanized Platform
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply”‘chain attack, trojanizing Windows and Android software to spy on users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scarcruft-birdcall-android-yanbian/
-
North Koreans Spy on Defectors Via Android Game Apps
Website Popular in Korean Ethnic Enclave in China Hosts Apps Laced With a Backdoor. A North Korean hacking group has been spying on a Korean ethnic enclave in China by infiltrating the Android apps of a regional gaming platform that hosts digital card and board games. Researchers attributed the supply-chain attack to a threat actor…
-
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
A gaming platform built for ethnic Koreans in China has been serving backdoored Windows and Android software to its users since late 2024. The platform, sqgame[.]net, hosts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/china-scarcruft-supply-chain-attack/
-
Feds Indict Ex-Hospital Pharmacist for Spying on Co-Workers
Defendant Is Also at Center of a Civil Class Action Against His Former Employer. A federal grand jury has indicted a former Maryland hospital pharmacist, alleging he weaponized tech tools – including keylogging – to steal credentials and spy on nearly 200 co-workers and other individuals over an eight-year period. The defendant is also the…
-
Met Police face criticism for using AI to spy on their own officers
London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/30/metropolitan-police-ai-monitoring-officers-palantir/
-
House approves spy program on second attempt, Senate fate murky
The bill, which passed 235-191, would renew Section 702 of the Foreign Intelligence Surveillance Act for three years. First seen on therecord.media Jump to article: therecord.media/house-approves-spy-program-on-second-attempt
-
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul
While tech leaders think about how to strategically deploy AI tools to support human intelligence needs, rank and filers express concerns about their livelihoods. First seen on cyberscoop.com Jump to article: cyberscoop.com/national-geospatial-intelligence-ai-agency-leaders-say-job-loss-safety-top-concerns/