Google Chrome Zero-Day Weaponized to Spy on Journalists
Candiru attackers breached a news agency employee website to target journalists with DevilsTongue spyware, researchers say.
Spyware coverage examines reported incidents, technical analysis, infrastructure, disruption efforts, and defensive guidance on unauthorized monitoring.
Search across headline titles and summaries.
Background for this topic.
Spyware is malicious software that covertly monitors a device or user and sends collected information to an unauthorized party. Depending on its capabilities, it may capture keystrokes, credentials, messages, files, browsing activity, or location data, and may use microphones or cameras when permissions or vulnerabilities allow it. The term covers both broadly distributed malware and more specialized surveillance tools, so reporting should identify a family or tool only when evidence supports it.
Spyware commonly reaches systems through deceptive applications, malicious attachments, bundled software, or exploitation of unpatched software; the relevant exposure depends on the reported case. Security teams should prioritize timely vulnerability and application updates, restrict installation and permissions, and use endpoint or mobile telemetry to detect unusual collection or outbound connections. Suspected infections require isolation and evidence preservation, followed by credential rotation from a trusted device and assessment of what privacy-sensitive data may have been accessed. These findings can also inform legal or regulatory handling where monitoring involved personal or confidential information.
Candiru attackers breached a news agency employee website to target journalists with DevilsTongue spyware, researchers say.
The actively exploited but now-fixed Google Chrome zero-day flaw that came to light earlier this month was weaponized by an Israeli spyware company and used in attacks targeting journalists in the Middle East
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
The Israeli spyware vendor Candiru was found using a zero-day vulnerability in Google Chrome to spy on journalists and other high-interest individuals in the Middle East with the 'DevilsTongue' spyware. [...]
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system
Citizen Lab claim their investigation has revealed an “extensive espionage campaign” targeting pro-democracy protestors and activists
Thai activists involved in the country's pro-democracy protests have had their smartphones infected with the infamous Pegasus government-sponsored spyware
Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.