Reuters reported Friday that the phones of US State Department personnel in Uganda were infested with Pegasus surveillance software. NSO Group has said that Pegasus will not run on phones registered with the characteristic +1 US country code, but the affected State Department personnel used phones registered with foreign country codes. It's unclear which customer deployed the tool in this incident. The Israeli embassy in Washington said that, "if these claims are true, it is a severe violation" of Israeli cyber export control law. NSO Group says it's investigating allegations of Pegasus abuse.
NSO Group is "in debt and under pressure," Vox reports. A Haaretz analysis concludes that Jerusalem is unlikely to carry NSO Group's water in this case, and that the incident might represent "a death knell" for the company.
Alt-coin exchange BitMart suspended deposits and withdrawals Saturday, the company's CEO tweeted, after the exchange identified "a large-scale security breach" affecting two of its hot wallets. BitMart attributes the incident to a stolen private key, and it hopes to gradually begin resuming normal trading tomorrow. The blockchain security firm PeckShield estimates total losses at about $196 million. BitMart's CEO says the exchange intends to compensate affected depositors from the company's own funds.
A video call scheduled for tomorrow between Russian President Putin and US President Biden will take up, among other topics, cybersecurity issues, the White House announced Saturday. Tensions over Ukraine will figure prominently in the discussion. (Russia has dismissed US complaints of aggression with a tu quoque.)