Tag: spyware
-
Memento Labs, the ghost of Hacking Team, has returned, or maybe it was never gone at all.
Kaspersky links the first Chrome zero-day of 2025 to tools used in attacks attributed to Memento Labs, formerly known as the Hacking Team. The actor behind Operation ForumTroll used the same tools seen in Dante spyware attacks. Kaspersky researchers linked the first Chrome zero-day of 2025 (CVE-2025-2783), a sandbox escape flaw, to the arsenal of…
-
Memento Spyware Tied to Chrome Zero-Day Attacks
While investigating the cyberattacks, researchers uncovered a new spyware product from Memento Labs, the successor to the infamous Hacking Team. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/memento-spyware-chrome-zero-day-attacks
-
Chrome 0-Day Exploited by Mem3nt0 Mori in Espionage Attacks
Hackers exploit a Chrome 0-day to deploy spyware in attacks tied to Mem3nt0 Mori. Google patches CVE-2025-2783; users urged to update fast. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chrome-zero-day-exploit-spyware/
-
Italian-made spyware spotted in breaches of Russian, Belarusian systems
The Dante spyware from Memento Labs, the successor to the notorious Italian company Hacking Team, was part of espionage operations against targets in Russia and Belarus, researchers at Kaspersky said. First seen on therecord.media Jump to article: therecord.media/memento-labs-formerly-hacking-team-dante-spyware-russia-kaspersky
-
Hacking Team successor linked to malware campaign, new ‘Dante’ commercial spyware
Kaspersky researchers said Memento Labs appears to be behind both the Operation ForumTroll malware and spyware, known as Dante. First seen on cyberscoop.com Jump to article: cyberscoop.com/hacking-team-dante-spyware-kaspersky/
-
Italian spyware vendor linked to Chrome zero-day attacks
A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber Group acquired the infamous Hacking Team. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/italian-spyware-vendor-linked-to-chrome-zero-day-attacks/
-
Neue Hacking-Team-Spyware entdeckt
Forscher von Kaspersky haben nach intensiver Analyse eine Verbindung zwischen der berüchtigten Hackergruppe Memento Labs und einer aktuellen Cyberspionage-Kampagne entdeckt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-hacking-team-spyware-entdeckt
-
Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack, dubbed Operation ForumTroll, leveraged personalized phishing links to compromise organizations across Russia, including media outlets, universities, research centers, government agencies, and financial institutions. A single click on a malicious…
-
iOS 26 Overwrites ‘shutdown.log’ on Reboot, Erasing Forensic Evidence of Pegasus and Predator Spyware
As iOS 26 is being rolled out, a critical forensic challenge has emerged: the operating system now automatically overwrites the shutdown.log file on every reboot, effectively erasing crucial evidence of Pegasus and Predator spyware infections. This development represents a significant setback for forensic investigators and users seeking to determine whether their devices have been compromised”,…
-
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
The post PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/phantomcaptcha-spyware-targets-ukraine-ngos-with-fake-cloudflare-lure-to-deploy-websocket-rat/
-
Former Polish official indicted over spyware purchase
Tags: spywareMichał Woś faces a possible 10-year prison sentence for facilitating a spyware purchase, which prosecutors say took place in 2017. First seen on therecord.media Jump to article: therecord.media/former-polish-official-indicted-spyware-probe
-
Former Polish official indicted over spyware purchase
Tags: spywareMichał Woś faces a possible 10-year prison sentence for facilitating a spyware purchase, which prosecutors say took place in 2017. First seen on therecord.media Jump to article: therecord.media/former-polish-official-indicted-spyware-probe
-
Apple alerts exploit developer that his iPhone was targeted with government spyware
A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spyware. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/21/apple-alerts-exploit-developer-that-his-iphone-was-targeted-with-government-spyware/
-
NSO permanently barred from targeting WhatsApp users with Pegasus spyware
Ruling holds that defeating end-to-end encryption in WhatsApp harms Meta’s business. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/nso-permanently-barred-from-targeting-whatsapp-users-with-pegasus-spyware/
-
US Court Blocks Spyware Maker NSO Over WhatsApp Hack
NSO Group Blocked From WhatsApp and Must Destroy Code Used to Hack 1,400 Devices. A federal judge issued a permanent injunction barring NSO Group from using or retaining its WhatsApp spyware exploit, citing national security risks and business harm after the manufacturer’s tools compromised 1,400 devices – some allegedly linked to journalists and officials. First…
-
Judge bars NSO from targeting WhatsApp users with spyware, reduces damages in landmark case
Spyware manufacturer NSO Group will have to pay Meta $4 million instead of $168 million, but will also be barred from targeting the messaging platform in the future. First seen on therecord.media Jump to article: therecord.media/judge-bars-nso-from-targeting-whatsapp-users-lowers-damages
-
Spyware maker NSO Group blocked from WhatsApp
A federal judge has granted Meta-owned WhatsApp’s request for a permanent injunction blocking Israeli cyberintelligence company NSO Group from targeting the messaging app’s users. At the same time, the judge dramatically reduced the fine that NSO Group must pay to Meta. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/18/spyware-maker-nso-group-blocked-from-whatsapp/
-
German parliamentarian urges officials to investigate Hungary for spyware abuse
A German member of the European Parliament has filed a complaint urging authorities to investigate Hungarian Prime Minister Viktor Orbán for allegedly ordering the country’s secret service to break into his phone with spyware. First seen on therecord.media Jump to article: therecord.media/german-parliament-hungary-spyware
-
Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
The spyware poses as popular apps like TikTok, and may break free of Russian borders at some point, the researchers say. First seen on cyberscoop.com Jump to article: cyberscoop.com/russian-spyware-clayrat-is-spreading-evolving-quickly-according-to-zimperium/
-
Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
The spyware poses as popular apps like TikTok, and may break free of Russian borders at some point, the researchers say. First seen on cyberscoop.com Jump to article: cyberscoop.com/russian-spyware-clayrat-is-spreading-evolving-quickly-according-to-zimperium/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
Pegasus-Trojaner: Israelische NSO Group von US-Investoren übernommen
Mit der NSO Group wird ein weiterer israelischer Spyware-Anbieter von US-Investoren gekauft. Die Kontrolle soll aber in Israel bleiben. First seen on golem.de Jump to article: www.golem.de/news/pegasus-trojaner-israelische-nso-group-von-us-investoren-uebernommen-2510-201074.html
-
‘Happy Gilmore’ Producer Buys Spyware Maker NSO Group
Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more. First seen on wired.com Jump to article: www.wired.com/story/happy-gilmore-producer-buys-spyware-maker-nso-group/
-
Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors
Higher difficulty means higher rewards: The culmination of that work is what Apple now calls Memory Integrity Enforcement (MIE) and is a feature of its new A19 and A19 Pro chips found in its iPhone 17 and iPhone Air lineup. MIE is leveraged in iOS to protect the entire kernel and over 70 userland processes,…
-
Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
The spyware poses as popular apps like TikTok, and may break free of Russian borders at some point, the researchers say. First seen on cyberscoop.com Jump to article: cyberscoop.com/russian-spyware-clayrat-is-spreading-evolving-quickly-according-to-zimperium/
-
Spyware maker NSO Group confirms acquisition by US investors
NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/10/spyware-maker-nso-group-confirms-acquisition-by-us-investors/