Tag: spyware
-
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
The Chinese state-sponsored group APT41 is accused of using a fake email impersonating a U.S. representative containing spyware and sent to government agencies, trade groups, and laws firms to gain information about U.S. strategy in trade talks with China. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/chinese-group-accused-of-using-fake-u-s-rep-email-to-spy-on-trade-talks/
-
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
The Chinese state-sponsored group APT41 is accused of using a fake email impersonating a U.S. representative containing spyware and sent to government agencies, trade groups, and laws firms to gain information about U.S. strategy in trade talks with China. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/chinese-group-accused-of-using-fake-u-s-rep-email-to-spy-on-trade-talks/
-
ICE Has Spyware Now
Plus: An AI chatbot system is linked to a widespread hack, details emerge of a US plan to plant a spy device in North Korea, your job’s security training isn’t working, and more. First seen on wired.com Jump to article: www.wired.com/story/ice-has-spyware-now/
-
Sextortion with a twist: Spyware takes webcam pics of users watching porn
Tags: spywareSpyware monitors the infected user’s browser for NSFW content before activating itself. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/09/sextortion-with-a-twist-spyware-takes-webcam-pics-of-users-watching-porn/
-
Breach Roundup: Scattered Lapsus$ Hunters Behind Jaguar Hack
Also, Disney Pays $10M to Settle Child Privacy Case, Spain Scraps Huawei Deal. This week, Jaguar hack, Disney settled a child privacy case, Texas sued PowerSchool and federal prosecutors sued a toy maker. Spain voided a Huawei contract, Pennsylvania AG confirmed a ransomware attack. U.S. immigration enforcement resumed a spyware contract and Baltimore lost $1.5…
-
CISA Adds TP-Link Wi-Fi and WhatsApp Spyware Flaws to KEV List
CISA updates its KEV List with TP-Link Wi-Fi extender and WhatsApp spyware flaws, urging users and agencies to… First seen on hackread.com Jump to article: hackread.com/cisa-tp-link-wi-fi-whatsapp-spyware-flaws-kev-list/
-
Automated Sextortion Spyware Takes Webcam Pics of Victims Watching Porn
A new specimen of “infostealer” malware offers a disturbing feature: It monitors a target’s browser for NSFW content, then takes simultaneous screenshots and webcam photos of the victim. First seen on wired.com Jump to article: www.wired.com/story/stealerium-infostealer-porn-sextortion/
-
Zero-Click Spyware Hits WhatsApp on iOS and macOS
A WhatsApp zero-click flaw exploited in spyware attacks has been patched on iOS and macOS. Update now to protect your devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/zero-day-spyware-hits-whatsapp/
-
Android droppers evolved into versatile tools to spread malware
Android droppers now spread banking trojans, SMS stealers, and spyware, disguised as government or banking apps in India and Asia. ThreatFabric researchers warn of a shift in Android malware: dropper apps now deliver not just banking trojans, but also SMS stealers and spyware, mainly in Asia. Google’s Pilot Program enhances Play Protect by scanning Android…
-
ICE Reinstates Contract with Spyware Vendor Paragon
Tags: spywareThe US Immigration agency has resumed a $2m contract with the Graphite spyware developer, now owned by US investor AE Industrial Partners First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ice-reinstated-spyware-paragon/
-
ICE reactivates contract with spyware maker Paragon
Tags: spywareThe Israeli spyware maker now faces the dilemma of whether to continue its relationship with U.S. Immigration and Customs Enforcement and help fuel its mass deportations program. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/02/ice-reactivates-contract-with-spyware-maker-paragon/
-
ICE reactivates contract with spyware maker Paragon
Tags: spywareThe Israeli spyware maker now faces the dilemma of whether to continue its relationship with U.S. Immigration and Customs Enforcement and help fuel its mass deportations program. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/02/ice-reactivates-contract-with-spyware-maker-paragon/
-
Mapping the Web of Commercial Spyware: Targets and Attack Chains
A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs), exposing the methods these private firms employ to infiltrate devices, their typical targets, and the infection chains that deliver their covert implants. The study, produced by a leading cybersecurity intelligence firm, underscores the persistent threat posed by CSVs”,…
-
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware such as SMS stealers and basic spyware.These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of…
-
âš¡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door.The news this week shows how attackers are mixing methods”, combining stolen access, unpatched software, and…
-
WhatsApp 0-Day Exploited in Attacks on Targeted iOS and macOS Users
WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The… First seen on hackread.com Jump to article: hackread.com/whatsapp-0-day-exploit-attack-targeted-ios-macos-users/
-
New zero-click exploit allegedly used to hack WhatsApp users
WhatsApp warns users targeted by advanced spyware, sending threat notifications to affected individuals from the past 90 days. A new zero-click exploit used to hack WhatsApp users, reported Donncha Ó Cearbhaill, Head of Security Lab at @AmnestyTech. WhatsApp has just sent out a round of threat notifications to individuals they believe were targeted by an…
-
WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
-
Fake Facebook Ads Push Brokewell Spyware to Android Users
A Facebook malvertising campaign is spreading the Brokewell spyware to Android users via fake TradingView ads. The malware… First seen on hackread.com Jump to article: hackread.com/fake-facebook-ads-brokewell-spyware-android-users/
-
Gefälschte Facebook-Ads: Malware-Falle für Android-Nutzer
Bitdefender warnt vor einer Malvertising-Kampagne auf Facebook, die Android-Nutzer mit Fake-Anzeigen für eine angeblich kostenlose TradingView-Premium-App täuscht. Statt der App laden Opfer eine neue Version der Malware Brokewell herunter ein Spyware- und Remote-Access-Trojaner, der Geräte ausspioniert, fernsteuert und sensible Daten sowie Kryptowährungen stiehlt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/facebook-malware-android
-
New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a malicious Android application disguised as an official portal. This banking trojan and spyware targets pensioners and civil servants, exploiting legacy systems and digital transformation vulnerabilities to steal sensitive data including…
-
Transparent Tribe Deploys Malicious Files Against India Govt
Pakistan-Linked Threat Actor Targets Indian Linux Operation System. Pakistan-linked hackers are targeting an Indian Linux-based operating system by tricking government employees into clicking malicious files that look like PDFs. When opened, the files install spyware, giving attackers long-term access to sensitive government systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/transparent-tribe-deploys-malicious-files-against-india-govt-a-29305
-
New Android Hook Malware Variant Locks Devices With Ransomware
Zimperium’s research reveals the Hook Android malware is now a hybrid threat, using ransomware and spyware to steal… First seen on hackread.com Jump to article: hackread.com/android-hook-malware-variant-locks-devices-ransomware/
-
A new security flaw in TheTruthSpy phone spyware is putting victims at risk
Exclusive: Hackers can take over the accounts of TheTruthSpy spyware customers, putting their victims’ private phone data at risk thanks to a new security flaw. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/25/a-new-security-flaw-in-thetruthspy-phone-spyware-is-putting-victims-at-risk/
-
New Android Spyware Masquerading as Antivirus Targets Business Executives
Doctor Web’s antivirus laboratory has identified a sophisticated Android backdoor malware, designated Android.Backdoor.916.origin, which has been evolving since its initial detection in January 2025. This multifunctional spyware primarily targets representatives of Russian businesses through targeted attacks rather than mass distribution. Attackers disseminate the malicious APK file via private messages in popular messengers, disguising it as…
-
Android.Backdoor.916.origin malware targets Russian business executives
New Android spyware Android.Backdoor.916.origin is disguised as an antivirus linked to Russia’s intelligence agency FSB, and targets business executives. Doctor Web researchers observed a multifunctional backdoor Android.Backdoor.916.origin targeting Android devices belonging to representatives of Russian businesses. The malware executes attacker commands, enabling surveillance, keylogging, and theft of chats, browser data, and even live camera/audio streams.…
-
Apple Patches Zero-Day Flaw Used in ‘Sophisticated’ Attack
CVE-2025-43300 is the latest zero-day bug used in cyberattacks against targeted individuals, which could signify spyware or nation-state hacking. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-zero-day-flaw-sophisticated-attack
-
Legitimate Chrome VPN with 100K+ Installs Secretly Captures Screenshots and Exfiltrates Sensitive Data
A Chrome extension marketed as FreeVPN.One, boasting over 100,000 installations, a verified badge, and featured placement in the Chrome Web Store, has been exposed as spyware that silently captures screenshots of users’ browsing activities and exfiltrates them to remote servers. Despite its privacy policy explicitly stating that the developer does not collect or use user…
-
Legitimate Chrome VPN Extension Turns to Browser Spyware
Researchers detected that FreeVPN.One, a longstanding Chrome Web Store VPN extension, recently turned into spyware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chrome-vpn-extension-spyware/
-
Security Affairs newsletter Round 536 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Embargo Ransomware nets $34.2M in crypto since April 2024 Germany limits police spyware use to serious…