#commercial-spyware

[ follow ]
#intellexa #sanctions #paragon-solutions #cve-2026-20700 #dyld #iosmacos-security-updates #webkit-zero-days
fromSecurityWeek
2 weeks ago

Apple Patches iOS Zero-Day Exploited in 'Extremely Sophisticated Attack'

Tracked as CVE-2026-20700, the zero-day flaw is described as a memory corruption issue that could be exploited for arbitrary code execution. It affects dyld (Dynamic Link Editor), the system component responsible for loading dynamic libraries into memory and which acts as a connector between application code and system frameworks. "Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26," Apple noted in its advisory.
Apple
Information security
fromTheregister
1 month ago

Trump admin lifts sanctions on Predator-linked spyware execs

The Trump administration removed US business restrictions on three previously sanctioned Intellexa-linked individuals tied to the Predator spyware consortium.
US politics
fromThe Hacker News
1 month ago

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

Three individuals linked to the Intellexa Consortium and Predator spyware were removed from the U.S. Treasury's specially designated nationals list.
Information security
fromThe Hacker News
2 months ago

Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

Critical zero-day vulnerabilities in Apple and Google products and a .NET SOAPwn flaw are actively exploited; install updates and patch affected software immediately.
fromTheregister
3 months ago

CISA: Spyware crews breaking into Signal, WhatsApp accounts

The agency says the activity it's seeing suggests an increasing focus on "high-value" individuals - everyone from current and former senior government, military, and political officials to civil society groups across the US, the Middle East, and Europe. In many of the campaigns, attackers delivered spyware first and asked questions later, using the foothold to deploy more payloads and deepen their access.
Information security
fromThe Hacker News
3 months ago

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications. "These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim's messaging app, facilitating the deployment of additional malicious payloads that can further compromise the victim's mobile device," the agency said.
Information security
Information security
fromWIRED
5 months ago

US Investment in Spyware Is Skyrocketing

Resellers and brokers expand and obscure the spyware supply chain, creating accountability gaps while remaining largely absent from current policy responses.
Information security
fromTheregister
5 months ago

ICE spyware deal put on hold by Biden released by Trump

ICE's purchase of Paragon Solutions spyware was reinstated after Paragon became US-owned, circumventing a previous executive-order ban on foreign commercial spyware.
Information security
fromwww.theguardian.com
5 months ago

Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps

U.S. Immigration and Customs Enforcement has operational access to Graphite, a commercial spyware able to compromise any mobile phone and bypass encrypted apps.
fromSecuritymagazine
7 months ago

CISA's Reset Delays Action as Mobile Spyware Surges

Leadership changes at CISA, intended for modernization, are currently hindering federal cybersecurity progress as adversaries' tactics evolve faster than new policies can adapt.
Mobile UX
[ Load more ]