-
Meta says it blocked NSO Group WhatsApp phishing attempts
Meta said it blocked spear-phishing attempts linked to NSO Group on WhatsApp and is asking a U.S. court to hold the spyware vendor in contempt over alleged violations of a permanent injunction.
-
Handala claims leak of US Marines data in WhatsApp threat campaign
US Marines in the Persian Gulf received WhatsApp threats from the Iran-linked Handala hacking group, which claimed to leak personal data on 2,379 service members and said it knew their family details and routines.
-
Ukraine warns of campaign targeting clinics with malware that steals browser and WhatsApp data
Ukraine’s CERT-UA said a March to April 2026 campaign targeted clinics, hospitals and some government bodies with malware that could steal browser and WhatsApp data, using phishing emails, LNK files and HTA loaders.
-
Phishing campaign uses Casbaneiro and Horabot to target Latin America and Europe
A phishing campaign is using court summons-themed emails, WhatsApp automation and ClickFix tactics to spread Casbaneiro and Horabot across Latin America and Europe, according to a BlueVoyant technical analysis.
-
Microsoft Warns of WhatsApp Campaign Delivering Malicious VBS Files
Microsoft says a campaign that began in late February 2026 has used WhatsApp messages to spread malicious VBS files, then used renamed Windows tools and cloud services to help install persistent access on infected systems.
-
Meta disables more than 150,000 accounts tied to Southeast Asia scam centres
Meta disabled more than 150,000 accounts tied to Southeast Asia scam centres and 21 arrests followed in Thailand, while new platform tools and a U.K. disruption unit aim to scale takedowns and reduce fraud.
-
Dutch advisory links Russian actors to Signal and WhatsApp account hijacking campaign
A Dutch AIVD advisory links Russian state-sponsored actors to phishing that hijacks Signal and WhatsApp accounts of officials and journalists. Attacks use fake support chatbots and malicious QR codes to seize or link devices and monitor messages.
-
Russia moves to block WhatsApp after national DNS exclusions limit access
Russian authorities moved to block WhatsApp by excluding its domains from the national DNS, leaving the service reachable only via VPNs or external DNS. The move follows earlier throttling and registration restrictions.
-
WhatsApp adds Strict Account Settings to block media from unknown contacts
Meta announced Strict Account Settings for WhatsApp to lock accounts to restrictive options and block media from unknown contacts. The feature rolls out over weeks and a Rust-based media library will be used to improve memory safety.
-
SEC Charges Multiple Firms Over $14 Million Artificial Intelligence Crypto Scam
The U.S. Securities and Exchange Commission has charged several firms and investment clubs in an alleged AI-themed cryptocurrency scam that defrauded retail investors of more than $14 million, accusing operators of using WhatsApp groups and fake trading platforms to solicit funds.
