Spyware attacks on journalists, human rights defenders, and political dissidents are no longer rare or exotic. In early 2025, WhatsApp notified roughly 90 users — many of them journalists and civil society members across Europe — that they had been targeted by Israeli spyware company Paragon Solutions. Months later, Apple sent threat notifications to a new group of iOS users; forensic analysis confirmed two of them, both journalists, had been hit with Paragon’s Graphite spyware using a zero-click attack, meaning they didn’t even have to tap a link to be compromised. These aren’t isolated incidents. They’re the norm.
For the last 15 years, security researchers have documented countless cases where government hackers have targeted and successfully compromised journalists, human rights defenders, critics, and political opponents.
These attacks rely on expensive, sophisticated, and stealthy tools that allow their operators to hack into and install spyware on computers, but especially smartphones, which hold virtually all of the data about a person’s daily life.
Spyware gives its operators virtually full access to the target’s device and data. Government spies can record phone calls, steal chat messages, access photos, and switch on the device’s camera and microphone to record ambient sound and record nearby conversations. Spyware also typically tracks a person’s real-time location.
