NSO Group has filed an appeal to overturn a U.S. federal court's permanent injunction that prohibits the company from targeting WhatsApp with its Pegasus spyware. The injunction, issued by Judge Phyllis Hamilton in the Northern District of California, found that NSO Group had improperly used WhatsApp's infrastructure to target approximately 1,400 users with zero-click exploits. NSO argues that the ruling misapplies the Computer Fraud and Abuse Act (CFAA) and mischaracterizes how Pegasus operates, claiming that the order could force the company out of business and disrupt law enforcement and intelligence operations that rely on its technology.
In its motion to stay the injunction pending appeal, NSO Group emphasized the "catastrophic" and "irreparable" harm the order would cause, including the requirement to destroy code that interacts with WhatsApp. The company also contends that the injunction would prevent it from engaging in lawful business activities, such as developing and licensing products for authorized government investigations, while leaving competitors unaffected. NSO has recently appointed a former U.S. envoy to Israel as executive chairman and confirmed new U.S. investors, underscoring the high stakes of the legal battle for its future operations and partnerships.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
6 events from the most recent confirmed update back to the earliest known activity.
NSO Group filed a motion seeking to stay the permanent injunction, arguing it would cause irreparable harm, threaten the company's survival, and block lawful future work with U.S. law enforcement and intelligence customers.
A permanent injunction was entered against NSO Group preventing it from using Pegasus to target WhatsApp and requiring actions affecting code tied to its operations. The order became the basis for NSO's subsequent appeal and request for relief.
NSO Group recently named a former U.S. envoy to Israel as its executive chairman, a leadership move noted alongside its effort to preserve future U.S. government business.
NSO Group confirmed that U.S. investors had purchased the company, marking a significant ownership change referenced in reporting on its legal strategy.
NSO Group's earlier effort to be removed from the U.S. Commerce Department trade blacklist was rejected by the Trump administration, according to the later court filings described in the coverage.
NSO Group said the FBI previously bought a license for its Pegasus spyware, a fact cited in the company's later court arguments about potential U.S. government use of its products.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
3 references tracked. Mallory keeps watching after this page renders.
scworld.com
Open sourcetherecord.media
Open sourcecyberscoop.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.