Collecting Cyber-News from over 60 sources

Tag: spyware

Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case

Nov 10, 2025 9:19 AM

Tags: cyber, spyware

An extract from >>The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case

Nov 10, 2025 9:19 AM

Tags: cyber, spyware

An extract from >>The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy
A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

Nov 8, 2025 7:19 PM

Tags: government, phone, spyware

An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Italian political adviser Francesco Nicodemo said he was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Graphite is an invasive, non-auditable spyware that covertly accesses sensitive phone data;…
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware

Nov 8, 2025 7:19 AM

Tags: android, attack, cve, exploit, flaw, mobile, spyware, zero-day

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East.The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary First…
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images

Nov 8, 2025 7:19 AM

Tags: android, cve, cyber, cybersecurity, exploit, malware, spyware, vulnerability, zero-day

Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The malware, dubbed LANDFALL, leveraged a critical vulnerability in Samsung’s image processing library to deliver commercial-grade surveillance capabilities through maliciously crafted image files sent via WhatsApp. The LANDFALL campaign exploited CVE-2025-21042, a…
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware

Nov 8, 2025 7:19 AM

Tags: android, attack, cve, exploit, flaw, mobile, spyware, zero-day

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East.The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary First…
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images

Nov 8, 2025 7:19 AM

Tags: android, cve, cyber, cybersecurity, exploit, malware, spyware, vulnerability, zero-day

Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The malware, dubbed LANDFALL, leveraged a critical vulnerability in Samsung’s image processing library to deliver commercial-grade surveillance capabilities through maliciously crafted image files sent via WhatsApp. The LANDFALL campaign exploited CVE-2025-21042, a…
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

Nov 8, 2025 12:19 AM

Tags: attack, cve, exploit, flaw, middle-east, spyware, zero-day

A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero-day, tracked as CVE-2025-21042 (CVSS score of 8.8), to deploy LANDFALL spyware on Galaxy devices in Middle East attacks. >>Unit 42 researchers have uncovered a…
Samsung Zero-Day Flaw Exploited by ‘Landfall’ Spyware

Nov 8, 2025 12:19 AM

Tags: exploit, flaw, hacker, middle-east, spyware, threat, zero-day

Spyware Targets Samsung Galaxy Devices, Says Unit 42. Hackers used previously unknown commercial spyware dubbed Landfall to surveil the activities of Samsung Galaxy device owners in the Middle East, say security researchers who posit the threat actor has connections to the United Arab Emirates. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/samsung-zero-day-flaw-exploited-by-landfall-spyware-a-29963
Previously unknown Landfall spyware used in 0-day attacks on Samsung phones

Nov 7, 2025 11:19 PM

Tags: attack, espionage, flaw, phone, spyware, zero-day

‘Precision espionage campaign’ began months before the flaw was fixed First seen on theregister.com Jump to article: www.theregister.com/2025/11/07/landfall_spyware_samsung_0days/
Commercial spyware “Landfall” ran rampant on Samsung phones for almost a year

Nov 7, 2025 9:19 PM

Tags: attack, cctv, data, phone, spyware

Targeted attack could steal all of a phone’s data and activate camera or mic. First seen on arstechnica.com Jump to article: arstechnica.com/gadgets/2025/11/commercial-spyware-landfall-ran-rampant-on-samsung-phones-for-almost-a-year/
Commercial spyware “Landfall” ran rampant on Samsung phones for almost a year

Nov 7, 2025 9:19 PM

Tags: attack, cctv, data, phone, spyware

Targeted attack could steal all of a phone’s data and activate camera or mic. First seen on arstechnica.com Jump to article: arstechnica.com/gadgets/2025/11/commercial-spyware-landfall-ran-rampant-on-samsung-phones-for-almost-a-year/
New LandFall spyware exploited Samsung zero-day via WhatsApp messages

Nov 7, 2025 8:20 PM

Tags: android, exploit, malicious, spyware, threat, vulnerability, zero-day

A threat actor exploited a zero-day vulnerability in Samsung’s Android image processing library to deploy a previously unknown spyware called ‘LandFall’ using malicious images sent over WhatsApp. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-landfall-spyware-exploited-samsung-zero-day-via-whatsapp-messages/
Newly identified Android spyware appears to be from a commercial vendor

Nov 7, 2025 7:20 PM

Tags: android, spyware, zero-day

Researchers spotted a 9-month-long campaign involving previously undiscovered spyware they call LANDFALL, which leveraged a zero-day bug in Samsung Galaxy phones. First seen on therecord.media Jump to article: therecord.media/landfall-spyware-middle-east-appears-commercial-grade
Newly identified Android spyware appears to be from a commercial vendor

Nov 7, 2025 7:20 PM

Tags: android, spyware, zero-day

Researchers spotted a 9-month-long campaign involving previously undiscovered spyware they call LANDFALL, which leveraged a zero-day bug in Samsung Galaxy phones. First seen on therecord.media Jump to article: therecord.media/landfall-spyware-middle-east-appears-commercial-grade
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp

Nov 7, 2025 7:20 PM

Tags: android, attack, cve, exploit, flaw, spyware, zero-day

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East.The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary First…
New Landfall spyware apparently targeting Samsung phones in Middle East

Nov 7, 2025 5:19 PM

Tags: middle-east, network, phone, spyware

Palo Alto Networks researchers haven’t been able to identify who’s behind the commercial-grade tech yet. First seen on cyberscoop.com Jump to article: cyberscoop.com/landfall-spyware-samsung-phones-palo-alto-networks-unit-42/
New Landfall spyware apparently targeting Samsung phones in Middle East

Nov 7, 2025 5:19 PM

Tags: middle-east, network, phone, spyware

Palo Alto Networks researchers haven’t been able to identify who’s behind the commercial-grade tech yet. First seen on cyberscoop.com Jump to article: cyberscoop.com/landfall-spyware-samsung-phones-palo-alto-networks-unit-42/
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
New Android Malware ‘Fantasy Hub’ Spies on Users’ Calls, Contacts, and Messages

Nov 7, 2025 1:19 PM

Tags: access, android, cyber, malware, mobile, russia, service, social-engineering, spyware, tactics, threat

Russian-based threat actors are actively distributing a sophisticated Android Remote Access Trojan called >>Fantasy Hub
New Android Malware ‘Fantasy Hub’ Spies on Users’ Calls, Contacts, and Messages

Nov 7, 2025 1:19 PM

Tags: access, android, cyber, malware, mobile, russia, service, social-engineering, spyware, tactics, threat

Russian-based threat actors are actively distributing a sophisticated Android Remote Access Trojan called >>Fantasy Hub
‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones

Nov 7, 2025 12:19 PM

Tags: android, middle-east, phone, spyware, zero-day

A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/07/landfall-spyware-abused-zero-day-to-hack-samsung-galaxy-phones/
Italian political consultant says he was targeted with Paragon spyware

Nov 6, 2025 7:19 PM

Tags: phone, spyware

WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/06/italian-political-consultant-says-he-was-targeted-with-paragon-spyware/
Italian communications executive reveals he was targeted with Paragon spyware

Nov 6, 2025 6:19 PM

Tags: communications, spyware

A prominent Italian communications executive and political adviser has revealed that he was targeted with Paragon spyware, making him the fifth Italian to come forward in a scandal that has rocked the Italian government. First seen on therecord.media Jump to article: therecord.media/italy-comms-exec-spyware
Italian communications executive reveals he was targeted with Paragon spyware

Nov 6, 2025 6:19 PM

Tags: communications, spyware

A prominent Italian communications executive and political adviser has revealed that he was targeted with Paragon spyware, making him the fifth Italian to come forward in a scandal that has rocked the Italian government. First seen on therecord.media Jump to article: therecord.media/italy-comms-exec-spyware