Tag: spyware
-
Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware
A French judge will determine whether investigators should proceed with a complaint from the widow of slain writer Jamal Khashoggi alleging that Saudi Arabia deployed spyware on her devices before his killing. First seen on therecord.media Jump to article: therecord.media/khashoggi-widow-legal-complaint-filed-alleging-saudi-government-spyware
-
ClayRat Android Spyware Expands Capabilities
A new version of ClayRat Android spyware features enhanced surveillance and device-control features First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clayrat-android-spyware-upgraded/
-
Defense bill addresses secure phones, AI training, cyber troop mental health
The compromise legislation has other cyber provisions besides on commercial spyware, joint NSA-Cyber Command leadership and streamlining regulations. First seen on cyberscoop.com Jump to article: cyberscoop.com/2026-ndaa-cybersecurity-secure-phones-ai-training-cyber-troop-mental-health/
-
Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces
Evidence shows that certain people have been targeted by malicious actors, often linked to governments or state-backed groups. The post Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-google-spyware-alert/
-
Google, Apple Warn of State-Linked Surveillance Threats
Google and Apple have released new global cyber threat notifications, alerting users across dozens of countries to potential targeting by state-linked hackers. The latest warnings reflect growing concerns about government-backed surveillance operations and the expanding commercial spyware marketplace. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/google-apple-spyware-threat-alerts/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Morphisec Thwarts Russian-Linked…
-
Arizona Sues Temu Over Covert Data Harvesting Claims
Arizona’s lawsuit claims Temu’s popular app acts like spyware and harvests sensitive device data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/arizona-sues-temu-over-covert-data-harvesting-claims/
-
New Variant of ClayRat Android Spyware Seize Full Device Control
The dangerous ClayRat Android spyware has evolved, gaining the ability to steal PINs, record screens, and disable security by abusing Accessibility Services. Users must beware of fake apps spreading through phishing sites and Dropbox. First seen on hackread.com Jump to article: hackread.com/clayrat-android-spyware-variant-device-control/
-
Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery
A human rights lawyer from Pakistan’s Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa’s Predator spyware, Amnesty International said in a report.The link, the non-profit organization said, is a “Predator attack attempt based on the technical…
-
Predator Spyware Maker Intellexa Evades Sanctions, New Victims Identified
Data leaks have shed a new light on Intellexa’s flagship spyware infrastructure and attack vectors First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/predator-spyware-intellexa-evades/
-
New iOS Zero-Day Exploit Chain Enables Advanced Surveillance by Mercenary Spyware
Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate with alarming sophistication. Intellexa, a prominent mercenary spyware provider known for its >>Predator
-
Intellexa remotely accessed Predator spyware customer systems, investigation finds
It was one of a trio of reports about the spyware vendor over the course of a day, with additional evidence about further infections among the findings. First seen on cyberscoop.com Jump to article: cyberscoop.com/intellexa-remotely-accessed-predator-spyware-customer-systems-investigation-finds/
-
Predator spyware uses new infection vector for zero-click attacks
The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed “Aladdin” that compromised specific targets when simply viewing a malicious advertisement. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/predator-spyware-uses-new-infection-vector-for-zero-click-attacks/
-
Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say
Based on a leaked video, security researchers alleged that Intellexa staffers have remote live access to their customers’ surveillance systems, allowing them to see hacking targets’ personal data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/04/sanctioned-spyware-maker-intellexa-had-direct-access-to-government-espionage-victims-researchers-say/
-
Researchers find Predator spyware is being used in several countries, including Iraq
Researchers also found indicators “likely associated” with the use of Predator spyware by an entity tied to Pakistan. First seen on therecord.media Jump to article: therecord.media/intellexa-predator-spyware-continues-despite-sanctions
-
DevilsTongue Spyware Targets Windows Users Across Multiple Countries
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users across several nations. The discovery highlights the persistent threat posed by commercial surveillance tools despite international regulatory efforts to curb their abuse. The investigation…
-
DevilsTongue Spyware Targets Windows Users Across Multiple Countries
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users across several nations. The discovery highlights the persistent threat posed by commercial surveillance tools despite international regulatory efforts to curb their abuse. The investigation…
-
Stealthy browser extensions waited years before infecting 4.3M Chrome, Edge users with backdoors and spyware
And some are still active in the Microsoft Edge store First seen on theregister.com Jump to article: www.theregister.com/2025/12/01/chrome_edge_malicious_browser_extensions/
-
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time.Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken…
-
North Korea’s >>Contagious Interview<< Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware
The post North Korea’s >>Contagious Interview
-
North Korea’s >>Contagious Interview<< Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware
The post North Korea’s >>Contagious Interview
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 73
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Morphisec Thwarts Russian-Linked…
-
Cyberbehörde warnt: Signal- und Whatsapp-Nutzer laufend mit Spyware attackiert
Zuletzt sind wiederholt Spyware-Attacken auf Nutzer von Whatsapp und Signal beobachtet worden. Die Cisa warnt und benennt Schutzmaßnahmen. First seen on golem.de Jump to article: www.golem.de/news/cyberbehoerde-warnt-signal-und-whatsapp-nutzer-laufend-mit-spyware-attackiert-2511-202654.html
-
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/state-backed-spyware-attacks-are-targeting-signal-and-whatsapp-users-cisa-warns
-
Spyware Abuse of Signal and WhatsApp Targeting US Officials
Cyber Advisory Cites Abuse of Linked Devices to Monitor Sensitive Communications. The U.S cyber defense agency issued an alert outlining how commercial spyware and state-aligned groups are abusing messaging-app features through malicious QR-based linking and zero-click exploitation to monitor U.S. government, military and other high-profile figures. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/spyware-abuse-signal-whatsapp-targeting-us-officials-a-30133
-
Spyware Abuse of Signal and WhatsApp Targeting US Officials
Cyber Advisory Cites Abuse of Linked Devices to Monitor Sensitive Communications. The U.S cyber defense agency issued an alert outlining how commercial spyware and state-aligned groups are abusing messaging-app features through malicious QR-based linking and zero-click exploitation to monitor U.S. government, military and other high-profile figures. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/spyware-abuse-signal-whatsapp-targeting-us-officials-a-30133
-
CISA urges mobile security as it warns of sophisticated spyware attacks
The agency’s rare warning about spyware activity comes as it updated mobile security guidance to reflect evolving threats. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-spyware-alert-messaging-apps-security-warning/806429/
-
CISA urges mobile security as it warns of sophisticated spyware attacks
The agency’s rare warning about spyware activity comes as it updated mobile security guidance to reflect evolving threats. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-spyware-alert-messaging-apps-security-warning/806429/