States use mercenary spyware technology, such as NSO Group’s Pegasus, Paragon’s Graphite, and Cytrox’s Predator, to remotely and clandestinely infect the smartphones of members of civil society and gain complete access to the targeted device’s data. While such invasive and powerful technology has been the focus of some limited government action to curb proliferation, the global spyware industry continues to thrive. Purportedly developed as a means of fighting crime and terrorism, spyware is sold to governments around the world, many of which have long histories of political repression and human rights abuses. Operating largely in secret and with little oversight, governments use mercenary spyware to target and gather information on human rights defenders, journalists, dissidents, and other members of civil society in violation of international human rights law. In addition to an absence of a global consensus on how to prevent such violations, there is a lack of accountability in the development, sale, and deployment of this technology and, most notably, a failure on the part of states or spyware companies to remedy these human rights violations. In the absence of any meaningful mechanism for remedy or reparation, this article investigates how members of civil society (in particular, journalists and human rights defenders) targeted by spyware have attempted to seek a remedy. First, the article describes the broader context in which mercenary spyware is used, focusing on the deleterious impacts it has on human rights when deployed by government institutions. Second, it surveys some of the different mechanisms that spyware targets have pursued to seek some kind of remedy for such violations. This includes civil litigation by spyware targets against perpetrating states and spyware companies, civil litigation led by companies whose services are exploited to deliver spyware (such as Apple and WhatsApp) against spyware companies, legislative reform efforts, and government-led commissions of inquiry. This article analyzes gaps and challenges that remain in obtaining a remedy for spyware targets. The paper concludes by suggesting areas for reform such that members of civil society may exercise more agency in the fight against spyware and may access meaningful remedies.

South Africa-based Peter Kruger and Yalon Elad have been offering zero-click technology to a host of governments, while also maintaining ties with the corporate intelligence world.

After First-term Trump Ambassador Friedman Was Appointed Chair of Pegasus-maker NSO as Part of a Takeover by a Hollywood Producer, the CEO Steps Down Amid a Possible Shift in U.S. Spyware Policy Under Donald Trump

NSO Group had sought to stay the order pending a decision on its appeal in the case, which centers on allegations that it targeted 1,400 WhatsApp users with its powerful zero-click Pegasus spyware in 2019.

RESIDENT.NGO has helped uncover a malware attack targeted at a Belarus-based journalist by the Belarusian secret service (KGB). This document serves as a short synopsis of the case, offering safety recommendations and indicators of compromise (IoCs).

Reporters Without Borders (RSF)’s Digital Security Lab (DSL), working with the Eastern European organisation RESIDENT.NGO, has uncovered a previously unknown spyware tool used by the State Security Committee (KGB) of Belarus to target, among others, journalists and media workers. RSF assesses that this exposure is a serious setback for the KGB’s operations, not least because the software appears to have been in use for several years.

New Victims of Predator Spyware Identified, With Malicious TikTok Links Revealing New Targets, and Evidence Shows Egypt and Saudi Clients Still Active. Ad-based Infections Confirmed. Leaked Files and Investigation Expose Post-sanctions Intellexa Operations

Commercial surveillance vendor Intellexa continues to thrive and exploit mobile zero-day vulnerabilities.

Apple and Google have sent a new round of cyber threat notifications to users around the world, the companies said this week, announcing their latest effort to insulate customers against surveillance threats.

The “Intellexa Leaks”, a new investigation published jointly by Inside Story, Haaretz and WAV Research Collective, presents troubling revelations about the surveillance company Intellexa and its signature product Predator, a form of highly invasive spyware that has been linked to human rights abuses in multiple countries.

Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.

Hollywood producer Robert Simonds takes controlling stake, appoints former Trump official David Friedman

Civil rights attorneys are seeking documents disclosing details on the extent of ICE’s use of invasive Israeli spyware to target immigrants

WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon.

A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and was fired. Weeks later, Apple notified him that his personal iPhone was targeted with spyware.

A U.S. court has ordered Israel's NSO Group to stop targeting Meta Platforms' WhatsApp messaging service, a development the spyware company warned could put it out of business.

A German member of the European Parliament has filed a complaint urging authorities to investigate Hungarian Prime Minister Viktor Orbán for allegedly ordering the country’s secret service to break into his phone with spyware.

Francesco Gaetano Caltagirone received a WhatsApp message on January 31, along with 90 other users around the world. Since the end of 2024, he has been at the center of a major banking operation involving the government. He is the first name involved outside the circle of activists and journalists

Hollywood producer Robert Simonds leads the deal, subject to Israeli and U.S. regulatory review.

Four people go on trial accused of misdemeanours but opponents ask why no government officials have been charged.