biosignals
-
Apple warns older iPhones vulnerable to web-based exploit kits
Apple warned in a support document that exploit kits Coruna and DarkSword can steal data from outdated iPhones via malicious websites. Users should install listed security updates or enable Lockdown Mode if updates are not possible.
-
ZeroDayRAT spyware sold on Telegram enables live surveillance and financial theft on Android and iOS
A technical analysis by iVerify identified ZeroDayRAT, a commercial spyware platform sold on Telegram that targets Android and iOS. The malware enables live camera and microphone access, location tracking, account enumeration and clipboard wallet hijacking.
-
CERT-UA advisory outlines PLUGGYAPE campaign using Signal and WhatsApp against Ukrainian forces
A CERT-UA advisory says PLUGGYAPE was used in October to December 2025 attacks on Ukrainian defense forces. Delivery used Signal and WhatsApp links to passworded archives that installed a PyInstaller executable and a Python backdoor.
-
Italy fines Apple €98.6 million over App Tracking Transparency practices
Italy’s competition authority fined Apple €98.6 million, saying App Tracking Transparency exempted Apple apps and forced developers into a burdensome double-consent process; Apple plans to appeal.
-
CISA warns of active spyware campaigns targeting messaging app users
CISA warned that threat actors are actively using commercial spyware and remote access trojans to compromise users of mobile messaging apps, citing multiple campaigns that used techniques such as zero‑click exploits, device‑linking QR codes and spoofed apps, and urged high‑value individuals to follow specific security guidance.
-
Researchers disclose Sturnus Android banking trojan that can capture messages and take over devices
Security researchers say a new Android banking trojan called Sturnus can capture decrypted messages from apps like WhatsApp, Telegram and Signal, present fake bank login screens, and allow remote control of infected devices; ThreatFabric reports the campaign so far is limited to Southern and Central Europe.
-
ESET: Fake Signal and ToTok Android Apps used to deploy spyware in UAE
ESET researchers warned that two spyware campaigns in the UAE use fake Signal and ToTok Android apps disguised as plugins or add‑ons to collect contacts, messages, backups and files; the spyware has been traced to mid‑2022 and is blocked by Google Play Protect for devices with Google Play Services.
-
Signal adds post‑quantum SPQR ratchet to its protocol
Signal announced the Sparse Post Quantum Ratchet (SPQR), to be combined with its Double Ratchet into a Triple Ratchet that Signal says will add post‑quantum protections while preserving forward secrecy and post‑compromise security, and will be rolled out gradually with formal verification and academic review.
-
ECG signals can be linked to individuals, study finds, prompting privacy cautions
A new study shows ECG signals can be linked to identifiable individuals with high accuracy, challenging traditional de-identification methods and prompting calls for stronger privacy protections in health data sharing.
