CISA warns of active spyware campaigns targeting Signal and WhatsApp users, utilizing social engineering and commercial spyware to gain unauthorized access. High-value individuals, including government officials, are primary targets. Notable campaigns exploit app features and security flaws to deploy malware. Users are advised to use encrypted communications, avoid SMS-based MFA, update software, and secure app permissions to enhance safety.
https://thehackernews.com/2025/11/cisa-warns-of-active-spyware-campaigns.html

