Batavia spyware steals data from Russian organizations
Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices.
spyware
A flaw in Catwatchful spyware exposed logins of +62,000 users
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered […]
Catwatchful Android Spyware Leaks Credentials of 62,000+ Users
A major security lapse has exposed the credentials of over 62,000 users of Catwatchful, a full-featured Android spyware app that openly markets itself as a tool for covert surveillance. The breach, discovered by a security researcher, highlights the pe…
SparkKitty Spyware on App Store and Play Store, Steals Photos for Crypto Data
Kaspersky uncovers SparkKitty, new spyware in Apple App Store & Google Play. Steals photos, targets crypto info, active since early 2024 via malicious apps.
Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play
Newly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices.
The post Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play appeared first on SecurityWeek.
FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks
WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit.
The post FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks appeared first on SecurityWeek.
iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers have revealed on Thursday. The attacks ha…
Paragon Spyware Used to Spy on European Journalists
Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab caught it spying on multiple European journalists with a zero-click iOS exploit:
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists that consented for the technical analysis of their cases. The key findings from our forensic analysis of their devices are summarized below:
- Our analysis finds forensic evidence confirming with high confidence that both a prominent European journalist (who requests anonymity), and Italian journalist Ciro Pellegrino, were targeted with Paragon’s Graphite mercenary spyware.
…
Graphite Spyware Uses iOS Zero-Click Flaw to Target Journalists
Security researchers at Citizen Lab have uncovered the first forensic evidence linking Paragon’s Graphite mercenary spyware to zero-click attacks on journalists’ iPhones. The campaigns exploited a now-patched iMessage vulnerability (CVE-2025-43200) to …
Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones
Citizen Lab publishes forensic proof that spyware maker Paragon can compromise up-to-date iPhones. Journalists in Europe among victims.
The post Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones appeared first on SecurityWeek.