Federal Agents Need to Patch These Spyware Exploits
Spyware is nasty business. It’s a form of malware designed to live on the victim’s devices and report back their every move to the host, including everything from browsing activity to keystrokes. Unfortunately, a massive spyware campaign was successfully run on federal agents, and the government is, understandably, most displeased. The Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agents

Spyware is nasty business. It’s a form of malware designed to live on the victim’s devices and report back their every move to the host, including everything from browsing activity to keystrokes. Unfortunately, a massive spyware campaign was successfully run on federal agents, and the government is, understandably, most displeased.
The Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agents to update their devices to patch known actively exploited zero-day vulnerabilities. These zero-days aren’t your usual vulnerabilities, either, as their exploits are designed to install commercial spyware on victims’ devices.
These exploits have been abused in two specific malware campaigns, first rolling out in November of last year, then again in December. The first targeted both iOS and Android devices, while the next focused exclusively on Samsung devices. Interestingly, these devices were running the latest version of Samsung Internet, Samsung’s proprietary browser.
This culminated in a “spyware suite,” allowing bad actors to decrypt data from chat and browser programs.
CISA included five of the ten vulnerabilities used in the two spyware campaigns to its Known Exploited Vulnerabilities (KEV) catalog, including:
- CVE-2021-30900 Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
- CVE-2022-38181 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
- CVE-2023-0266 Linux Kernel Use-After-Free Vulnerability
- CVE-2022-3038 Google Chrome Use-After-Free Vulnerability
- CVE-2022-22706 Arm Mali GPU Kernel Driver Unspecified Vulnerability
Agents have until April 20 to patch these devices.
Share This
More Articles

May. 23, 2023
Protect Your Company By Boosting Your Password

May. 23, 2023
How AI-Generated Voice Scams Can Threaten Your Business

May. 16, 2023
The Most Frequently Found Passwords on the Dark Web

May. 15, 2023
Cybersecurity Tips for Small to Midsize Businesses

May. 09, 2023
U.S. Justice Department Seizes 13 DDoS-for-hire Domains
View All