RESIDENT.NGO has helped uncover a malware attack targeted at a Belarus-based journalist by the Belarusian secret service (KGB). This document serves as a short synopsis of the case, offering safety recommendations and indicators of compromise (IoCs).
Reporters Without Borders (RSF)’s Digital Security Lab (DSL), working with the Eastern European organisation RESIDENT.NGO, has uncovered a previously unknown spyware tool used by the State Security Committee (KGB) of Belarus to target, among others, journalists and media workers. RSF assesses that this exposure is a serious setback for the KGB’s operations, not least because the software appears to have been in use for several years.
New Victims of Predator Spyware Identified, With Malicious TikTok Links Revealing New Targets, and Evidence Shows Egypt and Saudi Clients Still Active. Ad-based Infections Confirmed. Leaked Files and Investigation Expose Post-sanctions Intellexa Operations
Commercial surveillance vendor Intellexa continues to thrive and exploit mobile zero-day vulnerabilities.
Apple and Google have sent a new round of cyber threat notifications to users around the world, the companies said this week, announcing their latest effort to insulate customers against surveillance threats.
The “Intellexa Leaks”, a new investigation published jointly by Inside Story, Haaretz and WAV Research Collective, presents troubling revelations about the surveillance company Intellexa and its signature product Predator, a form of highly invasive spyware that has been linked to human rights abuses in multiple countries.
Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.
Hollywood producer Robert Simonds takes controlling stake, appoints former Trump official David Friedman
Civil rights attorneys are seeking documents disclosing details on the extent of ICE’s use of invasive Israeli spyware to target immigrants
WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon.
A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and was fired. Weeks later, Apple notified him that his personal iPhone was targeted with spyware.
A U.S. court has ordered Israel's NSO Group to stop targeting Meta Platforms' WhatsApp messaging service, a development the spyware company warned could put it out of business.
A German member of the European Parliament has filed a complaint urging authorities to investigate Hungarian Prime Minister Viktor Orbán for allegedly ordering the country’s secret service to break into his phone with spyware.
Francesco Gaetano Caltagirone received a WhatsApp message on January 31, along with 90 other users around the world. Since the end of 2024, he has been at the center of a major banking operation involving the government. He is the first name involved outside the circle of activists and journalists
Hollywood producer Robert Simonds leads the deal, subject to Israeli and U.S. regulatory review.
Four people go on trial accused of misdemeanours but opponents ask why no government officials have been charged.
The French government says Apple sent out threat notifications to customers alerting them to spyware attacks earlier in September.
New York, September 10, 2025—The Committee to Protect Journalists is gravely alarmed by the installation of spyware on two Kenyan filmmakers’ phones while the devices were in police custody, and calls on authorities to drop a case against them and two other filmmakers and ensure that journalists are not further targeted for surveillance. Forensic analysis...
We’re sharing an update on suspected state-backed attacker APT29 and the use of exploits identical to those used by Intellexa and NSO.
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.