Attackers are sending fake Home Front Command SMS messages to Israelis, tricking them into installing a trojanised Red Alert app that silently steals texts, contacts, location data, and device accounts.
Source: Acronis Threat Research Unit
Read more: CyberSecBrief
Google tracked 90 zero-days exploited in 2025, and for the first time ever, commercial surveillance vendors were responsible for more attributed zero-day attacks than traditional state-sponsored espionage groups.
Source: Google Threat Intelligence Group
Read more: CyberSecBrief
A trojanised Red Alert app spreads via SMS spoofing in Israel, harvesting contacts, messages, and location data amid civilian panic.
Source: CloudSEK
Read more: CyberSecBrief
i literally cannot uninstall appcloud. i “uninstalled” it using adb, but 20min later i get a notification from it telling me about all the cool new apps i could have after a system update
How Paragon Turns Phones Into Spy Tools 🔍📱#cybersecurity
This video explores Paragon’s Graphite spyware, its evolution, and how it compares to tools like Pegasus. We dive into its stealthy, precise design and what its development means for the future of state-level cyber capabilities.
Imagine having a guy in your house that walks around and notes down details all the time about what happens in your home and he never lets you see what hes noting og sketching and never tells you what hes doing with these sketches. Thats whats happening when you let any household electronic connect to the internet.
And the problem is that a lot of you dumbasses would go “yayyy hes my friend <3<3” and let him stay because every now and then he makes mediocre rice for you or dusts off your books.
Machines should not need internet connections to work, we have more than advanced enough storage technology that they can have their code embedded.
Smart TVs are invasive because corporations are greedy.
It really seems like most products are just about collecting your data, so they charge you to buy the product, and then they take your data and sell that, so they’re making money from both ways. In a surprise, Texas is actually taking action against companies and warning the public. Of course the reason Texas Republicans would be pushed into actually taking action against companies harming the public only by the spectre of the CCP, but ok.
Attorney Gneral of Texas: December 19, 2025 | Press Release - CONSUMER ALERT: Ken Paxton Warns Texans About CCP-Aligned Smart TVs that are Spying on Them Attorney General Ken Paxton is issuing a consumer alert both warning Texans about the dangers of smart TVs spying on them, as well as providing general guidance as to how to turn off the invasive technology.
My letter to reps:
Texas isn’t really known for great consumer protections and even the Texas AG is taking action against Smart TV companies and issuing warnings about the way they spy on consumers with invasive surveillance technology. These smart tvs take screenshots of what’s on the screen and collects and then uses or maybe sells that data, including what little children are watching on tv which is already illegal, and including screenshots of what someone has on the screen when connected by HDMI for example, from their private photo slideshow. And then they make it hard or impossible for people to figure out how to opt out. And I’m not convinced that it stops even if you opt out and disconnect the tv from the internet and use an Apple TV streaming device instead. They can put stuff in there that connects independently to cell services and transmitting data on its own. They have medical devices that do that, after all. Why do we have to put up with all these things we have to use in life being filled with garbage spying on us, and worse, we pay for it to happen to us? There ought to be a law against all this outrageous conduct by companies.
Please feel free to copy or repurpose for your own letters to reps.
Amazon’s Ring cancels Flock partnership amid Super Bowl ad backlash
The partnership between Flock and Ring came under scrutiny after the Amazon doorbell company ran an ad during the Super Bowl that touted a “Search Party” feature that uses artificial intelligence to help locate lost pets. When a user initiates the feature, it activates a network of participating Ring cameras, which scan footage for images resembling the missing dog. The Electronic Frontier Foundation called the feature a “surveillance nightmare.”
so they’re doing a test-census with a bunch of new questions like “how many rooms does your house have” and so maybe now it’s time to toss your roomba. why is a vacuum making and sharing through wifi a detailed map of your house. why does it need wifi for that even.
Surveillance technology has grown by leaps and bounds in the last few decades. Mobile tracking like GPS, while necessary in emergencies, can be exploited easily. We do it to ourselves, even. How many of us ‘check-in’ at a location on social media? Want to know where your children are? There’s an app for that (there are several, in fact). And speaking of apps, data collection metrics are inherent in how they work. They track usage, shopping carts, names, addresses, financial data, on and on. As a society, we have become inured to the idea that our availability is perpetual and our privacy doesn’t matter in exchange for convenience. And this too falls under the exploitable category.
Mobile devices are notoriously insecure. Where a computer, be it laptop or desktop, comes with built in security software, like Windows Defender and XProtect and Gatekeeper on macOS, phones and tablets usually do not. And while there are numerous antiviral programs available to download, protections like Defender aren’t part of built-in mobile software, generally speaking. In essence, it’s up to the user to provide their own security, and be cautious when using their device. And threat actors know this.
Smishing, a phishing attack sent through text message, is the most common vector for infecting mobile platforms. Much like its email counterpart, a message is sent with a link to download something, or a redirect to a compromised website. It’s counting on the user not being able to hover over the link to see its actual source the way one can on a traditional setup. It’s also counting on people clicking a message from someone not in their contact list.
A couple of days ago, iVerify published a blog post regarding ZeroDayRAT, a spyware toolkit currently targeting Android and iOS users. It’s being openly sold on Telegram, and is organized as a suite of functions on a single dashboard, giving attackers full remote control over infected devices. Its developer maintains support for Android 5 through 16, and iOS up to 26, including the iPhone 17 Pro. Victim profiling is the first step, learning who they talk to, over both text and voice, how they use their apps, where they live and go, what accounts they hold. It intercepts messages, giving the operator the same information as the user with regards to banking, carriers and contacts alike.
But it does more than that. Passive data collection is bad enough, but this toolkit can also maintain live camera feeds and keylogging, meaning that it can see everything the user sees and access everything put in via the touchpad. Locations, screen and microphone recording. Biometric unlocks, gestures, keystrokes, app launches. This gives attackers all they need to hijack these controls. A crypto stealer scans for wallet apps, while a separate bank stealer module targets online banking apps, UPI platforms like PhonePe and Google Pay, and services like Apple Pay and PayPal. Between the two stealers, this captures the credentials of both and the threat actor can go after traditional financial accounts and cryptocurrency from the same panel.
This toolkit combines credential theft, account takeover, and data exfiltration into one platform. Previously this type of spyware has been seen only by nation-states backed by investment or bespoke exploit development. Now it’s in the hands of anyone who wants to buy it from Telegram, no further expertise required. And the danger isn’t just to individuals. How many people have a separate work phone that contains all the data and credentials for their employer?
iVerify states that detecting a threat like ZeroDayRAT requires deeper EDR beyond typical device management and that this type of protection should be as prioritized on mobile platforms as it is elsewhere. They’re right. But prevention is cheaper and simpler. In fact, it’s just one easy step. It always comes down to trust, or the deliberate lack of it in this case.
Don’t click that dodgy link!
Posted, 2/12/26
Israeli spyware company Paragon posted its surveillance software’s control panel by mistake. Their Graphite software has been used to target journalists, government critics, and human rights defenders in ongoing scandals in Serbia, Spain, Greece, Poland, Hungary, and Italy.
How the US Government Bought $2 Million Spyware: The Dark Side of Digital Surveillance
How much of your digital life is being watched? This video reveals how the US government secretly acquired $2 million in spyware to track everything from your messages to your location. Protect your privacy before it’s too late.
just had a system update on android (UI 6.1, v. 14) today (30/jan/2026) that downloaded a lot of spyware and bloatware.
it’s that same old: none of the apps show on the homescreen and you have to find them on the apps list on configurations. some of the uninstallable apps have all permissions locked as on, from which i found out i could turn some of those permissions off if i went through the permission manager.
i was looking the apps i didnt recognize one by one, looking up what they did and if it would brick my phone to rip it off, and many of them are just data collection. some could be un-updated and then disappeared or changed name (this is why I’m not naming them, some changed name as soon as i messed with their configurations).
many apps i had already disabled or taken off all permissions had everything re-enabled. so for whoever had an OS update recently, it’s best to give a new sweep on all apps.
iT4iNT SERVER WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware http://dlvr.it/TQbc0V VDS VPS Cloud
Miku trend but it’s luka and it’s a redesign on malware luka/spywaifu from a 2025 au i used to do on t*ktok
Hiç telefonunuzun kendi kendine hareket ettiğini, pilinin durduk yere bittiğini veya sizin yazmadığınız mesajların gönderildiğini fark ettiniz mi? Cevabınız evet ise, dijital bir gölge tarafından izleniyor olabilirsiniz. 📱💻
Casus yazılımlar (spyware), kendilerini sistem dosyalarının arkasına gizleyen profesyonel araçlardır. Onları sıradan bir antivirüsle bulamazsınız. Lion Kriminal olarak, en derin katmanlara sızmış zararlı kodları adli bilişim teknikleriyle gün yüzüne çıkarıyoruz.
Sadece virüsü silmek yetmez! Kimin, ne zaman ve hangi amaçla cihazınıza sızdığını bilmek hakkınız. Türkiye'deki yasal çerçeveye uygun, mahkemelerde delil niteliği taşıyan raporlamalar için Casus ve Zararlı Yazılım Tespiti rehberimize göz atın.
“Dijital dünyada mahremiyet, en büyük hazinenizdir. Onu korumak için teknik uzmanlık şart.” — Uzman Görüşü
The founder of pcTattletale has pleaded guilty after US prosecutors revealed the spyware was secretly marketed for illegal surveillance, following a breach that exposed how customers monitored victims without consent.
Source: Bitdefender
Read more: CyberSecBrief
