Security News

Google is currently tracking more than 40 CSVs, most of which are highly technical with the ability to develop spyware and zero-day exploits to compromise their targets, particularly on Android and iOS devices. Read details about what CSVs target, how spyware is used, CSVs' harmful impact on individuals and society and how businesses can mitigate these cybersecurity threats.

In a report published on Tuesday, Google TAG named eleven commercial spyware vendors and their products - some of them more and some less known. Apart from commercial surveillance vendors and private sector offensive actors, other actors on the spyware market include vulnerability researchers and exploit developers, government customers, and brokers that act as intermediaries between these groups.

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse...

The commercial spyware economy - despite government and big tech's efforts to crack down - appears to be booming. The US government added commercial spyware makers Intellexa and Cytrox to its Entity List, after placing similar export restrictions on NSO Group in 2021.

Commercial spyware vendors were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group discovered in 2023 and used to spy on devices worldwide. Google's TAG has been following the activities of 40 commercial spyware vendors to detect exploitation attempts, protect users of its products, and help safeguard the broader community by reporting key findings to the appropriate parties.

The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society...

Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. "The State Department is implementing a new policy today that will allow the imposition of visa restrictions on individuals involved in the misuse of commercial spyware," Blinken said.

The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to...

A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a...

A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer of the notorious Pegasus spyware, back in November 2021 and asked the court to permanently ban NSO from using any Apple software, services, or devices.