spyware Archives - Security Affairs

Pierluigi Paganini July 04, 2025

A flaw in Catwatchful spyware exposed logins of +62,000 users

A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered […]

Pierluigi Paganini March 13, 2025

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. North Korea-linked threat actor ScarCruft (aka APT37, Reaper, and Group123) is behind a previously undetected Android surveillance tool named KoSpy that was used to target Korean and English-speaking users. ScarCruft has been active since at least 2012, it made the […]

Pierluigi Paganini March 03, 2025

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Amnesty International reports that a Cellebrite zero-day exploit was used to unlock a Serbian activist’s Android phone. Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist. In a statement published on 25 February 2025, Cellebrite announced that it had blocked Serbia from using its solution after reports that police […]

Pierluigi Paganini February 27, 2025

Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons

Cellebrite blocked Serbia from using its solution after reports that police used it to unlock and infect the phones of a journalist and activist. A report published by Amnesty International in December 2024 documented the use of Cellebrite’s forensics tools by Serbia police to unlock and install spyware on the phones of a local journalist and […]

Pierluigi Paganini December 23, 2024

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

A U.S. court ruled in favor of WhatsApp against NSO Group, holding the spyware vendor liable for exploiting a flaw to deliver Pegasus spyware. WhatsApp won a legal case against NSO Group in a U.S. court over exploiting a vulnerability to deliver Pegasus spyware. Will Cathcart of WhatsApp called the ruling a major privacy victory, […]

Pierluigi Paganini December 07, 2024

Russia’s FSB used spyware against a Russian programmer

Russia’s FSB used spyware against a Russian programmer after detaining him for allegedly donating to Ukraine earlier this year. The Federal Security Service (FSB) used spyware to monitor a Russian programmer, Kirill Parubets, after he was detained earlier this year for allegedly donating to Ukraine. Researchers from the First Department and the Citizen Lab discovered that the […]

Pierluigi Paganini September 16, 2024

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group, citing the risk of “threat intelligence” information exposure. Apple wants to dismiss its lawsuit against NSO Group due to three key developments. First, […]

Pierluigi Paganini July 30, 2024

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024. Researchers from Bitdefender […]

Pierluigi Paganini February 06, 2024

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. The latest report published by Google Threat Analysis Group (TAG), titled “Buying Spying, an in-depth report with our insights into Commercial Surveillance Vendors (CSVs)”, warns of the rise of commercial spyware vendors and the risks to free […]

Pierluigi Paganini February 06, 2024

U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware

The U.S. government imposes visa restrictions on individuals who are involved in the illegal use of commercial spyware. The U.S. State Department announced it is implementing a new policy to impose visa restrictions on individuals involved in the misuse of commercial spyware. The policy underscores the U.S. government’s commitment to addressing the misuse of surveillance software, […]

spyware

A flaw in Catwatchful spyware exposed logins of +62,000 users

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Russia’s FSB used spyware against a Russian programmer

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Apple fixed a zero-day exploited in attacks against Google Chrome users

PyPI maintainers alert users to email verification phishing attack

FBI seizes 20 BTC from Chaos Ransomware affiliate targeting Texas firms

Critical SAP flaw exploited to launch Auto-Color Malware attack on U.S. company

Orange reports major cyberattack, warns of service disruptions

QUICK LINKS

spyware

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!