Pegasus BLASTPASS Making Use of libwebp Security Vulnerability
NSO Group’s Pegasus spyware recently re-emerged with a new zero-click attack chain called BLASTPASS, and new CVE filings from Google indicate that the libwebp library used to display WEBP images has a security vulnerability that is a key part of the process.