‘Happy Gilmore’ producer buys spyware maker NSO Group

Publish this research The week suggests that North Korean scammers are trying just that Tricking American companies into hiring them for architectural design workUsing fake profiles, resumes, and Social Security numbers to pretend they are legitimate employees. This hustle fits into the reclusive kingdom’s long-standing campaigns to steal billions of dollars from organizations around the world that use it Careful planning and coordination To emerge as professionals in all different fields.

Under pressure from the Department of Justice Apple Remove a series of applications From its iOS App Store this month related to monitoring U.S. Immigration and Customs Enforcement activity and archiving content related to ICE actions. As more apps are removed, Several developers told WIRED this week that they won’t give up fighting Apple decisions, and many are still distributing their apps to other platforms in the meantime.

WIRED examined the growing warnings from software supply chain security researchers that… The proliferation of AI-generated software in codebases will create a more extreme version of the issues of code transparency and accountability. Which has achieved widespread integration of open source software components. and Apple announced expansions to its bug bounty program this week, including a maximum amount of $2 million For some exploit chains that can be abused to distribute spyware, additional rewards for exploits exist in Apple’s Lockdown Mode or in beta versions of new software.

But wait, there’s more! Every week we round up security and privacy news that we haven’t published in-depth ourselves. Click on the titles to read the full stories. And stay safe out there.

Notorious spyware vendor NSO Group, known for developing the Pegasus malware, has faced financial troubles since losing a long legal battle against secure messaging platform WhatsApp as well as a lawsuit filed by Apple. Now, the company, which has long been owned by Israel, has been bought by a group of US-based investors led by film producer Robert Symonds, who helped finance Happy Gilmore, Billy Madison, Pink Panther, Hustlersand Ferrariamong many other films. The deal is reportedly worth “several tens of millions of dollars” and is nearing completion. The Defense Ministry’s Defense Export Control Agency (DECA) will need to approve the sale. Use of mercenary spyware may It has increased within some US federal government agencies Since the beginning of the Trump administration.

Hundreds of national security and cybersecurity professionals who work at the U.S. Department of Homeland Security have faced mandatory reassignment in recent weeks to roles related to President Donald Trump’s mass deportation agenda. Bloomberg reports that the affected workers are largely senior employees who are not union-eligible. Workers who refuse to transfer roles will reportedly be fired. Members of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), who faced reassignment, reportedly worked to “issue alerts about threats against US agencies and critical infrastructure.” For example, CISA’s Capacity Building Team has faced a number of reassignments, which may hinder access to emergency recommendations and guidance for high-value federal government assets. The workers were transferred to agencies including Immigration and Customs Enforcement, Customs and Border Protection, and the Federal Protective Service.

A The last violation From a third-party customer service provider used by the Discord communications system, it includes a large data set from over 70,000 Discord users that contains identifying documents as well as personal photos, email addresses, phone numbers, some home location information, and more. The data was collected as part of age verification checks, which are automated It has long been criticized To centralize users’ sensitive information. 404 Media reports that the breach was committed by attackers trying to extort Discord. “This is about to get really ugly,” the hackers wrote on a Telegram channel on Wednesday while posting the stolen data.

U.S. Immigration and Customs Enforcement signed an $825,000 contract in May with TechOps Specialty Vehicles (TOSV), a Maryland-based company that manufactures law enforcement equipment and vehicles. The company provides products that include rogue cell towers used for phone monitoring and are sometimes called “stingrays” or “cell site simulators.” Public records A review reviewed by TechCrunch shows that the agreement describes how the company “provides Cell Site Simulator (CSS) vehicles in support of the Homeland Security Technical Operations Program” and is an amendment to “additional CSS vehicles.” TOSV also began a similar $818,000 contract with ICE in September 2024, before the start of the Trump administration. In an email to TechCrunch, TOSV President John Brennas declined to share details about the contracts but confirmed that the company provides cell site simulators. The company doesn’t make it itself, he said.