CISA urges mobile security

According to a message from CISA on Monday, November 24th 2025, Messaging apps are being targeted by malicious spyware actors using commercial spyware programs.

Several threat actors have used “sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app,” which then lets them deploy additional malware and acquire deeper access to the target’s phone, CISA said in an alert.

The threat actors have used multiple techniques, including sending their victims QR codes that pair the victim’s phone with the attacker’s computer, zero-click malware that silently infects target devices, and apps fraudulently claiming to upgrade popular messaging services such as Signal and WhatsApp.

Read more here: https://www.cybersecuritydive.com/news/cisa-spyware-alert-messaging-apps-security-warning/806429/