Keir Giles, a prominent expert on Russia, was targeted with a new form of social-engineering attack that leverages App-Specific Passwords. Google links the operation to UNC6293, a Russian state-backed group.
On June 3, 2025, the Canadian government tabled Bill C-2, omnibus legislation that, if passed, would introduce a wide array of new federal agency and law enforcement powers, and would significantly reform substantive and due process laws in Canada for migrants and asylum seekers. Our preliminary analysis of Bill C-2 situates the legislation within the context of existing research by the Citizen Lab about two potential data-sharing treaties that are most relevant to the new proposed powers being introduced in Bill C-2: the Second Additional Protocol to the Budapest Convention (2AP) and the CLOUD Act. Both of which carry significant constitutional and human rights risks.
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of their cases. In this report, we discuss key findings from our forensic analyses of their devices.
Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and websites aimed at preserving and supporting marginalized and repressed cultures to target those same communities.
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research and development at the intersection of information and communication technologies, human rights, and global security. Learn more.
Irene Poetranto examines Indonesia’s use of domain name system (DNS) redirection as a method of internet censorship in a new essay published by the Carnegie Endowment for International Peace. In Techno-Legal Internet Controls in Indonesia and Their Impact on Free Expression Poetranto explains how DNS redirection, a new type of DNS tampering, was introduced in… Read more »
On June 9, join the Citizen Lab’s Emile Dirks to discuss China’s influence, interference, and repression in Canada.
On May 13, 2025, the Citizen Lab’s senior researcher John Scott-Railton testified before the European Union Parliament’s Committee on Civil Liberties, Justice and Home Affairs (‘LIBE committee’) to share findings from our recent report on the proliferation of Paragon spyware. “When we look at the pie chart of [spyware] targeting to see who was targeted… Read more »
Join us on May 21 for a hybrid workshop that explores digital sovereignty, the methodologies for its study, and the global trend around sovereignty in the digital world. This workshop is co-organized by DIGISOV, CIS CNRS, and GEODE and will take place on May 21, 2025, from 9:30 to 17:00, in Paris 17th (CNRS Pouchet)… Read more »
In his article for Foreign Affairs, Citizen Lab founder Ron Deibert discusses the lessons of SignalGate, highlighting that “much of the debate has downplayed an even larger problem: the very real possibility that a foreign government or other hostile power was snooping on the devices through which those communications were taking place.” Read the full… Read more »
In an interview for CBC Ideas, Citizen Lab founder Ron Deibert talks with host Nahlah Ayed about mercenary spyware, sharing that “the latest versions can be implanted on anyone’s device anywhere in the world and as we speak, there is literally no defence against it.” They also discuss his new book, Chasing Shadows, in which… Read more »
