US investor consortium buys controlling stake in spyware developer NSO Group

The company told TechCrunch today that “an American investment group has invested tens of millions of dollars in the company ...

Apple offers to pay up to $2 million for finding Pegasus-like spyware in iPhones and other devices

Apple’s revamped program will offer $2 million for exploit chains capable of achieving “mercenary spyware-level” attacks — ...

Italian businessman’s phone reportedly targeted with Paragon spyware

The alleged targeting of prominent Italian businessman Francesco Gaetano Caltagirone now widens the Paragon spyware scandal ...

Spyware maker NSO Group confirms acquisition by US investors

NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.
SecurityWeek

In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware

Other noteworthy stories that might have slipped under the radar: US universities targeted by payroll pirates, Zimbra ...

New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto ...
Meduza

What a top Russian cyber forensics conference reveals about the country’s ability to hack iPhones and Androids

The human rights group Memorial found a publicly available video recording of the 2025 Moscow Forensics Day conference, held ...

Hackers now use Velociraptor DFIR tool in ransomware attacks

Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy ...
Infosecurity Magazine

New Stealit Malware Campaign Spreads via VPN and Game Installer Apps

A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure ...
The Hacker News

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft links Storm-1175 to GoAnywhere flaw CVE-2025-10035, exploited since September for Medusa ransomware.