Tag: spyware
-
Malware Attacks on Android Devices Surge in Q2, Driven by Banking Trojans and Spyware
Dr.Web Security Space for mobile devices reported that malware activity on Android devices increased significantly in the second quarter of 2025. Adware trojans, particularly from the Android.HiddenAds family, remained the most prevalent threat, despite an 8.62% decrease in user encounters. These trojans often disguise themselves as harmless apps or hide within system directories, concealing their…
-
‘Batavia’ Windows spyware campaign targets dozens of Russian orgs
A previously undocumented spyware called ‘Batavia’ has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/batavia-windows-spyware-campaign-targets-dozens-of-russian-orgs/
-
Batavia Spyware Targets Employees via Weaponized Word Documents Delivering Malware Payloads
Batavia, an unidentified spyware, has been using a sophisticated phishing operation to target Russian industrial organizations since July 2024. Kaspersky researchers have identified a sharp rise in detections since early March 2025, with over 100 users across dozens of organizations falling prey to bait emails disguised as contract agreements. These emails, often containing file names…
-
Chrome Store Features Extension Poisoned With Sophisticated Spyware
A color picker for Google’s browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chrome-store-features-extension-poisoned-sophisticated-spyware
-
Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats
Dr.Web reports Android malware surge in Q2 with adware, banking trojans and crypto theft hidden in fake apps, firmware and spyware targeting users. First seen on hackread.com Jump to article: hackread.com/android-malware-adware-trojan-crypto-theft-q2-threats/
-
A flaw in Catwatchful spyware exposed logins of +62,000 users
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered…
-
Catwatchful Android Spyware Leaks Credentials of 62,000+ Users
A major security lapse has exposed the credentials of over 62,000 users of Catwatchful, a full-featured Android spyware app that openly markets itself as a tool for covert surveillance. The breach, discovered by a security researcher, highlights the persistent risks posed by stalkerware and the dangers of storing sensitive user data without adequate safeguards. Catwatchful…
-
Smashing Security podcast #424: Surveillance, spyware, and self-driving snafus
A Mexican drug cartel spies on the FBI using traffic cameras and spyware, because “ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-424/
-
Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
The spyware operation’s exposed customer email addresses and passwords were shared with data breach notification service Have I Been Pwned. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/02/data-breach-reveals-catwatchful-stalkerware-spying-on-thousands-android-phones/
-
SparkKitty Spyware on App Store and Play Store, Steals Photos for Crypto Data
Kaspersky uncovers SparkKitty, new spyware in the Apple App Store and Google Play. Steals photos, targets crypto info, active since early 2024 via malicious apps. First seen on hackread.com Jump to article: hackread.com/sparkkitty-spyware-app-store-play-store-steals-photos-crypto/
-
New Paragon spyware attacks involve FreeType zero-day bug
First seen on scworld.com Jump to article: www.scworld.com/brief/new-paragon-spyware-attacks-involve-freetype-zero-day-bug
-
SparkKitty Targets iOS and Android Devices via App Store and Google Play Attacks
A sophisticated spyware campaign, dubbed SparkKitty, has emerged as a significant threat to both iOS and Android users, infiltrating even the official app stores like Google Play and the App Store. First detected in connection with the earlier SparkCat campaign from January 2025, which targeted crypto wallet seed phrases, SparkKitty has since evolved into a…
-
Android Spyware SpyNote Masquerading as Google Translate Found in Open Directories
Our team stumbled upon a disturbing array of SpyNote spyware samples lurking in open directories across the internet. These misconfigured digital repositories, often overlooked as mere storage spaces, have become unwitting hosts to dangerous malware targeting Android users. Uncovering Hidden Threats in Open Digital Repositories: Disguised as legitimate applications like Google Translate, Temp Mail, and…
-
Paragon Commercial Spyware Infects Prominent Journalists
An unnamed customer of Paragon’s Graphite product used the commercial spyware to target at least two prominent European journalists in recent months. First seen on darkreading.com Jump to article: www.darkreading.com/data-privacy/paragon-commercial-spyware-prominent-journalists
-
DeerStealer Malware Deployed Through Exploitation of Windows Run Prompt by Threat Actors
eSentire’s Threat Response Unit (TRU) has uncovered a series of malicious campaigns throughout May 2025, where threat actors have been deploying the DeerStealer malware, also known as XFiles Spyware, using the HijackLoader malware loader. This sophisticated information stealer, peddled on dark-web forums by a user named “LuciferXfiles,” is designed to harvest a wide array…
-
⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More
Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren’t. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when something’s wrong. This week’s stories aren’t just about what was attacked, but how easily it happened. If we’re…
-
New Predator spyware infrastructure revealed activity in Mozambique for the first time
Insikt Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and identified a new customer in Mozambique,…
-
Predator Spyware Resurges: New Infrastructure, Evasion Tactics, and Mozambique Customer Uncovered
The post Predator Spyware Resurges: New Infrastructure, Evasion Tactics, and Mozambique Customer Uncovered appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/predator-spyware-resurges-new-infrastructure-evasion-tactics-and-mozambique-customer-uncovered/
-
RFK Jr. Orders HHS to Give Undocumented Migrants’ Medicaid Data to DHS
Plus: Spyware is found on two Italian journalists’ phones, Ukraine claims to have hacked a Russian aircraft maker, police take down major infostealer infrastructure, and more. First seen on wired.com Jump to article: www.wired.com/story/rfk-jr-orders-hhs-to-give-undocumented-migrants-medicaid-data-to-dhs/
-
New Predator spyware activity identified
First seen on scworld.com Jump to article: www.scworld.com/brief/new-predator-spyware-activity-identified
-
Zero-click attacks target journalists’ iPhones with Graphite spyware
First seen on scworld.com Jump to article: www.scworld.com/brief/zero-click-attacks-target-journalists-iphones-with-graphite-spyware
-
Apple fixes zero-click exploit underpinning Paragon spyware attacks
Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent. First seen on theregister.com Jump to article: www.theregister.com/2025/06/13/apple_fixes_zeroclick_exploit_underpinning/
-
iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/13/ios-zero-click-attacks-used-to-deliver-graphite-spyware-cve-2025-43200/
-
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/european-journalists-paragon/
-
Graphite Spyware Uses iOS Zero-Click Flaw to Target Journalists
Security researchers at Citizen Lab have uncovered the first forensic evidence linking Paragon’s Graphite mercenary spyware to zero-click attacks on journalists’ iPhones. The campaigns exploited a now-patched iMessage vulnerability (CVE-2025-43200) to compromise devices running iOS 18.2.1, highlighting the persistent threat of state-aligned surveillance against civil society. Technical Overview of the Attack Chain: According to the…
-
iPhone users attacked: zero-click flaw in iOS abused for spyware attacks
Researchers were able to trace spyware attacks back to a dangerous security vulnerability in iOS. Apple kept it under wraps for months. First seen on golem.de Jump to article: www.golem.de/news/iphone-nutzer-attackiert-zero-click-luecke-in-ios-fuer-spyware-attacken-missbraucht-2506-197105.html
-
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura…
-
Paragon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhones
Security researchers at Citizen Lab revealed that Paragon’s Graphite spyware can hack fully updated iPhones via zero-click attacks. Citizen Lab has confirmed that Paragon’s Graphite spyware was used to hack fully updated iPhones, targeting at least two journalists in Europe. The group found forensic evidence showing the phones had communicated with the same spyware server.…
-
Predator spyware activity surfaces in new places with new tricks
The spyware’s developer, Intellexa, has been under pressure due to sanctions and public disclosure, but Recorded Future uncovered fresh activity. First seen on cyberscoop.com Jump to article: cyberscoop.com/predator-spyware-activity-surfaces-in-new-places-with-new-tricks/

