Security news aggregator

Latest coverage for NSO Group

Coverage examines reported NSO Group-linked spyware incidents, attribution, infrastructure, disruption, and defensive guidance.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

NSO Group is a commercial surveillance-technology company best known for Pegasus, spyware reported to compromise mobile devices and collect messages, files, location data, or sensor inputs. Reports have alleged use against journalists, activists, and political figures, but attribution generally concerns customers or operators using the tools rather than NSO Group directly conducting each intrusion. The tag therefore covers reported deployments, vulnerability research, infrastructure, legal or commercial restrictions, and efforts to detect or disrupt the spyware.

For defenders, Pegasus-related incidents matter because mobile compromise may involve highly targeted exploits, including cases requiring little or no user interaction, and may leave limited conventional endpoint evidence. Practical responses include rapid installation of mobile operating-system security updates, restricting unnecessary device exposure, and treating suspected targeting as a forensic incident: preserve the device, collect relevant logs and backups carefully, and obtain specialist analysis rather than immediately resetting it. Organizations should also assess privacy, consent, and legal obligations when handling evidence or protecting people at elevated risk.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view

A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting over 1,400 individuals globally

Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had its share of drama. Let's dive into the details and see what lessons we can glean

Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator.  Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file

A previously unknown zero-click exploit in Apple's iMessage was used to install mercenary spyware from NSO Group and Candiru against at least 65 individuals as part of a "multi-year clandestine operation." "Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations," the University of Toronto's Citizen Lab said in a