Researchers at Google have found signs that a Russian threat actor is reusing iOS and Chrome exploits. These researchers have observed Russia’s APT29 using exploits very similar to one’s used by NSO Group and Intellexa. This suggests that the tools may have been acquired between state-backed actors. APT29 has been connected to multiple high-profile attacks, such as a breach at Microsoft. Google believes that APT29 has adapted NSO Group’s exploit, as the triggers in the attack are very similar but the exploit is different. 

Read more: https://www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa/