The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about state-backed threat actors and cyber-mercenaries actively exploiting commercial spyware to compromise Signal and WhatsApp accounts belonging to high-value targets. The alert, published in late November 2025, reveals that attackers are bypassing encryption protocols through sophisticated social engineering, spoofed applications, and zero-click exploits rather than breaking the encryption itself.
Targeted victims
CISA identifies the primary targets as high-value individuals including current and former senior government officials, military personnel, political figures, and civil society organizations across the United States, Middle East, and Europe. Attackers establish initial access through spyware deployment, then use that foothold to deliver additional malicious payloads and expand their control over compromised devices.
Modus operandi
The campaigns employ multip
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: