ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor known as ShadyPanda has been linked to a seven-year-long…
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
Nov 25, 2025Ravie LakshmananSpyware / Mobile Security The U.S. Cybersecurity and Infrastructure…
Italian spyware vendor linked to Chrome zero-day attacks
A zero-day vulnerability in Google Chrome, exploited in Operation ForumTroll earlier this…
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
Oct 09, 2025Ravie LakshmananMobile Security / Malware A rapidly evolving Android spyware…
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms
Sep 12, 2025Ravie Lakshmanan Apple has notified users in France of a…
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Sep 01, 2025Ravie LakshmananMobile Security / Malvertising Cybersecurity researchers are calling attention…
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou…
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
Aug 30, 2025Ravie LakshmananZero-Day / Vulnerability WhatsApp has addressed a security vulnerability…
Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild
Aug 05, 2025Ravie LakshmananVulnerability / Mobile Security Google has released security updates…