Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington...

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament,...

The analysis of YY and WeChat indicates broad censorship—blocking sensitive terms as well as general information and neutral references—potentially limiting the public’s ability to access information...

Between May and September 2023, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox's Predator spyware via links sent on SMS and WhatsApp after Eltantawy publicly stated his plans to run for...

Protect your privacy by answering a few simple questions to cut down on data collection,and prevent hackers from invading your devices.

While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets...

Uncovering an extensive espionage operation infecting dozens of Thai pro-democracy campaigners with NSO Group's Pegasus spyware.

This report examines the encryption that protects meetings in Zoom and finds that they have made their own encryption scheme and has significant weaknesses.

Journalists and members of civil society had their phones successfully infected with NSO’s Pegasus spyware between July 2020 - November 2021.

Citizen Lab's peer review of Amnesty International's forensic techniques to identify Pegasus spyware concludes they are sound.

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known...

In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s...

In 2022, the Citizen Lab gained extensive forensic visibility into new NSO Group exploit activity after finding infections among members of Mexico’s civil society, including two human rights defend...

As reported in May 2019, WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware on to phones

We’re the Electronic Frontier Foundation, an independent non-profit working to protect online privacy for over thirty years. This is Surveillance Self-Defense: our expert guide to protecting you and...

Researchers say the attempted hack, using a rare “zero-day” exploit, was probably conducted by the Egyptian government.

The analysis by Citizen Lab follows a U.N. investigation implicating the Saudi crown prince in the hack of Jeff Bezos’s phone.

Government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The journalists were hacked by four...

As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society.

Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events,...

Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Using Internet scanning, we identified more than 750 websites linked to Candiru’s spyware infrastructure. We...

In an investigative collaboration with Access Now, the Citizen Lab has analyzed forensic artifacts from the iPhone of award-winning exiled Russian investigative journalist Galina Timchenko and found...

MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be...

Circles is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe, and is affiliated with NSO...

This is the story of one of Europe’s largest-known cases of state-run phone hacking. A plot with three ingredients: A sophisticated mercenary spyware sold to governments around the world. Over 65...

At least five civil society victims of QuaDream’s spyware and exploits were identified in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists,...

In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be operating.

In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities...

We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad...

Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020...

Citizen Lab examined a set of documents leaked to news outlet The Intercept that describe plans to develop and launch an Iranian mobile network, including subscriber management operations and...

The report includes technical elements associated with stalkerware applications, marketing activities, and compliance with Canadian privacy legislation.

A network of at least 123 websites operated from within the People’s Republic of China while posing as local news outlets in 30 countries across Europe, Asia, and Latin America, disseminates pro-Be...

WeChat communications conducted entirely among non-China-registered accounts are subject to pervasive content surveillance that was previously thought to be exclusively reserved for China-registered...

Surveillance spyware firms are running rampant in a digital ecosystem that is invasive by design, insecure, unregulated, and easily exploited

At WhatsApp, we believe people have a fundamental right to privacy and that no one else should have access to your private conversations, not even us.

This report examines algorithmic technologies that are designed for use in criminal law enforcement systems, including a human rights and constitutional law analysis of the potential use of algorit...

The Citizen Lab co-founded the program with OTF and has been a host organization since its inception. We welcome proposals from fellowship candidates for research projects related to our current...

Within mainland China, we found that Apple censors political content including broad references to Chinese leadership and China’s political system, names of dissidents and independent news organiza...

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament,...

Ronald Diebert, director of the cybersecurity and human-rights organization The Citizen Lab at the University of Toronto, is among this year’s appointments to the Order of Canada.

Days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, his colleagues began receiving text messages laden with NSO Group spyware.

Front Line Defenders’ analysis indicated that six devices belonging to six Palestinian human rights defenders were hacked with Pegasus, a spyware developed by the cyber-surveillance company NSO...

Invasive hacking software sold to countries to fight terrorism is easily abused. Researchers say my phone was hacked twice, probably by Saudi Arabia.

This is the first documented case of one-click mobile exploits used to target Tibetan groups, and reflects an escalation in the sophistication of digital espionage threats targeting the community.

New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS...

We identified a network of 885 websites and attributed these websites with high confidence as having been used by the United States (US) Central Intelligence Agency (CIA) for covert communication.

Five specific reasons not to exaggerate the threat of Chinese cyber influence operations.

We find that mass DNA collection in Tibet is another mass DNA collection campaign conducted under the Xi Jinping administration (2012–present), along with the mass DNA collection campaign in the...

A Mosaic of Censored Images Commemorating the Hong Kong Protests

Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government. We call...

Citizen Lab director Ronald J. Deibert will deliver this year's Massey Lectures, arguing that the internet, especially social media, has an increasingly toxic influence in every aspect of life.

Cybersecurity expert Ron Deibert to testify to Canadian MPs about troubling spread of invasive surveillance tools

Over the last month, two Citizen Lab staff members were contacted by two separate individuals in what appears to be an attempt to compromise our work. Each of the contacts purported to show an...

Phones belonging to four Jordanian human rights defenders, lawyers, and journalists were hacked with NSO Group’s Pegasus spyware between August 2019 and December 2021. We assess that at least two of...

On Wednesday, July 27, 2022, at 10:00 a.m. ET, the House Intelligence Committee will hold an open hearing on commercial cyber surveillance.

We consistently found that Bing censors politically sensitive Chinese names over time, that their censorship spans multiple Chinese political topics, consists of at least two languages—English and...

In September 2017, I was made aware of an account of sexual assault involving Morgan Marquis-Boire that coincided with a Citizen Lab event, the Cyber Dialogue, in 2014. At Citizen Lab, we take all...

In this report, we undertake a preliminary comparative analysis of how different information technologies were mobilized in response to COVID-19 to collect data, the extent to which Canadian laws...

This report provides a comprehensive guide to geolocation-related threats sourced from 3G, 4G, and 5G network operators. Case studies, references, examples, and evidence are provided to give a...