Same Sea, New Phish
Russian Government-Linked Social Engineering Targets App-Specific Passwords

Keir Giles, a prominent expert on Russia, was targeted with a new form of social-engineering attack that leverages App-Specific Passwords. Google links the operation to UNC6293, a Russian state-backed group.

Featured Publications

Unspoken Implications: A Preliminary Analysis of Bill C-2 and Canada’s Potential Data-Sharing Obligations Towards the United States and Other Countries

On June 3, 2025, the Canadian government tabled Bill C-2, omnibus legislation that, if passed, would introduce a wide array of new federal agency and law enforcement powers, and would significantly reform substantive and due process laws in Canada for migrants and asylum seekers. Our preliminary analysis of Bill C-2 situates the legislation within the context of existing research by the Citizen Lab about two potential data-sharing treaties that are most relevant to the new proposed powers being introduced in Bill C-2: the Second Additional Protocol to the Budapest Convention (2AP) and the CLOUD Act, both of which carry significant constitutional and human rights risks.

Lifting the lid off the Internet.

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research and development at the intersection of information and communication technologies, human rights, and global security.

Features & News

True Costs of Misinformation: The Global Spread of Misinformation Laws

In the past decade, we have seen a significant shift in how governments talk about misinformation. Many countries now consider or intentionally frame misinformation as a matter of national security or public safety in order to justify the passage of new laws that impose penalties for the spread of information deemed false or other administrative…

A Trip to Ancient BABYLON: Unearthing a 2017 Pegasus Persistence Exploit

On June 29 at REcon, Citizen Lab senior researcher Bill Marczak and co-presenter Daniel Roethlisberger will recount how they discovered a Pegasus exploit targeting iOS 10 devices back in 2017. They will describe their investigation, analyze the root cause of the vulnerability, detail how the exploit leveraged the vulnerability to gain code execution after boot, and explain how the vulnerability was mitigated. 

John Scott-Railton Testifies Before EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs

On May 13, 2025, the Citizen Lab’s senior researcher John Scott-Railton testified before the European Union Parliament’s Committee on Civil Liberties, Justice and Home Affairs (‘LIBE committee’) to share findings from our recent report on the proliferation of Paragon spyware. “When we look at the pie chart of [spyware] targeting to see who was targeted…

Featured Video

Gender-based Digital Transnational Repression Explained