Tag: spyware
-
New RadzaRat Spyware Poses as File Manager to Hijack Android Devices
Certo Software found RadzaRat, an Android RAT disguised as a file manager that has a 0/66 detection rate on VirusTotal. It keylogs passwords and steals files. First seen on hackread.com Jump to article: hackread.com/radzarat-spyware-hijack-android-devices/
-
NSO Group argues WhatsApp injunction threatens existence, future U.S. government work
The spyware vendor made those two arguments, among others, in a motion to stay the California court ruling. First seen on cyberscoop.com Jump to article: cyberscoop.com/nso-group-whatsapp-injunction-appeal/
-
NSO seeks to overturn WhatsApp case, saying it is ‘catastrophic’ for the spyware maker
In a court filing ahead of the ruling, NSO told the judge that blocking it from targeting WhatsApp infrastructure to implant its spyware could “put NSO’s entire enterprise at risk” and “force NSO out of business.” First seen on therecord.media Jump to article: therecord.media/nso-seeks-to-overturn-whatsapp-case
-
Samsung Galaxy-Smartphones und Spyware?
Tags: spywareMomentan gibt es ziemliche Aufregung, weil angeblich eine Spyware (vorinstalliert) auf Samsung Galaxy Smartphones gefunden wurde. Der Vorwurf lautet, dass diese Spyware aus Israel komme, wobei vieles noch unklar ist. Und es ist eine LANDFALL genannte Spyware gefunden worden, die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/18/samsung-galaxy-smartphones-mit-landfall-spyware/
-
Pre-Installed Spyware Found on Samsung Galaxy Devices and Cannot Be Removed
Samsung users across West Asia and North Africa are raising serious privacy concerns over AppCloud. This pre-installed bloatware application collects sensitive personal data without consent. It cannot be easily removed from Galaxy A and M series smartphones. AppCloud, developed by ironSource, an Israeli-founded company now owned by American tech firm Unity, has been embedded into…
-
North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware
The post North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/north-koreas-contagious-interview-apt-uses-json-keeper-and-gitlab-to-deliver-beavertail-spyware/
-
DarkComet Spyware Resurfaces Disguised as Fake Bitcoin Wallet
Old DarkComet RAT spyware is back, hiding inside fake Bitcoin wallets and trading apps to steal credentials via keylogging. First seen on hackread.com Jump to article: hackread.com/darkcomet-spyware-fake-bitcoin-wallet-apps/
-
Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/11/samsung-spyware-cve-2025-21042/
-
CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-zeroday-bugspyware-attacks-kev/
-
CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-samsung-zero-day-used-in-spyware-attacks/
-
CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-samsung-zero-day-used-in-spyware-attacks/
-
LANDFALL Spyware Targeted Samsung Galaxy Phones via Malicious Images
Unit 42 discovered LANDFALL, commercial-grade Android spyware, which used a hidden image vulnerability (CVE-2025-21042) to remotely spy on Samsung Galaxy users via WhatsApp. Update your phone now. First seen on hackread.com Jump to article: hackread.com/landfall-spyware-samsung-galaxy-malicious-images/
-
LANDFALL: Advanced Commercial-Grade Spyware Targeting Samsung Devices
The discovery of LANDFALL highlights the need for stronger mobile defenses and proactive cybersecurity against advanced spyware. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/landfall-advanced-commercial-grade-spyware-targeting-samsung-devices/
-
Spionagesoftware: Neuer Vorsitzender der NSO Group ist Trump-Vertrauter
Der frühere US-Botschafter und Insolvenzanwalt möchte seine Kontakte nutzen, um mit der Spyware Pegasus wieder Geschäfte in den USA zu machen. First seen on golem.de Jump to article: www.golem.de/news/spionagesoftware-neuer-vorsitzender-der-nso-group-ist-trump-vertrauter-2511-202030.html
-
Why a lot of people are getting hacked with government spyware
Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficult to justify, given the broad range of victims, journalists, activists, and now political consultants, that have come forward. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/10/why-a-lot-of-people-are-getting-hacked-with-government-spyware/
-
Why a lot of people are getting hacked with government spyware
Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficult to justify, given the broad range of victims, journalists, activists, and now political consultants, that have come forward. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/10/why-a-lot-of-people-are-getting-hacked-with-government-spyware/
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…
-
Spionage: Samsung-Nutzer mit bisher unbekannter Spyware attackiert
Angreifer nutzen schon seit Mitte 2024 eine Zero-Day-Lücke in Samsung-Smartphones aus, um eine bisher unbekannte Spyware einzuschleusen. First seen on golem.de Jump to article: www.golem.de/news/spionage-samsung-nutzer-mit-bisher-unbekannter-spyware-attackiert-2511-202003.html
-
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case
An extract from >>The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy
-
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case
An extract from >>The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy
-
A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem
An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Italian political adviser Francesco Nicodemo said he was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Graphite is an invasive, non-auditable spyware that covertly accesses sensitive phone data;…
-
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images
Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The malware, dubbed LANDFALL, leveraged a critical vulnerability in Samsung’s image processing library to deliver commercial-grade surveillance capabilities through maliciously crafted image files sent via WhatsApp. The LANDFALL campaign exploited CVE-2025-21042, a…
-
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East.The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary First…
-
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images
Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The malware, dubbed LANDFALL, leveraged a critical vulnerability in Samsung’s image processing library to deliver commercial-grade surveillance capabilities through maliciously crafted image files sent via WhatsApp. The LANDFALL campaign exploited CVE-2025-21042, a…
-
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East.The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary First…
-
Samsung Zero-Day Flaw Exploited by ‘Landfall’ Spyware
Spyware Targets Samsung Galaxy Devices, Says Unit 42. Hackers used previously unknown commercial spyware dubbed Landfall to surveil the activities of Samsung Galaxy device owners in the Middle East, say security researchers who posit the threat actor has connections to the United Arab Emirates. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/samsung-zero-day-flaw-exploited-by-landfall-spyware-a-29963
-
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero-day, tracked as CVE-2025-21042 (CVSS score of 8.8), to deploy LANDFALL spyware on Galaxy devices in Middle East attacks. >>Unit 42 researchers have uncovered a…
-
Previously unknown Landfall spyware used in 0-day attacks on Samsung phones
‘Precision espionage campaign’ began months before the flaw was fixed First seen on theregister.com Jump to article: www.theregister.com/2025/11/07/landfall_spyware_samsung_0days/