P748TECH TEXT NEWS
:
[SECURITY]

RUSSIA HACKED ACTIVIST PHONE WITH SANCTIONED TOOL

SECURITY DESK1 MIN READ
THU, JUN 25, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Russia allegedly exploited a forensics platform to compromise an activist's phone, even after the tool's maker lost access. Cellebrite says the hardware predates current sanctions and was used without authorization.

Cellebrite, an Israeli mobile forensics company, disclosed that Russian actors allegedly used its platform to conduct a cyberattack against an activist. The company stated the hardware in question was manufactured before current sanctions restrictions took effect. Cellebrite emphasized it did not consent to the use and has since cut off remote access capabilities for Russian users. The revelation highlights ongoing security challenges facing activists in regions with government surveillance capabilities. The incident underscores persistent vulnerabilities in sanctioned technology ecosystems. Older hardware versions may remain operational despite manufacturers implementing access restrictions, creating potential security gaps. Cellebrite did not disclose the activist's identity or specific details about the attack's scope. The company has faced prior scrutiny over its tools being used for surveillance purposes by governments worldwide.

■ SOURCES

Engadget

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

P759SHOPIFY'S SHOP APP WEAPONIZED FOR PHISHING

Threat actors are exploiting Shopify's Shop order-tracking app by injecting fake purchase receipts into user accounts. The attacks trick victims into revealing sensitive data or installing remote access malware.

JUST NOWSecurity Desk
P754MACOS MALWARE 'GASLIGHT' TRICKS AI ANALYSIS TOOLS

A newly discovered macOS malware called Gaslight uses embedded fake errors and prompt injection strings to evade AI-powered malware analysis systems. The technique represents a new approach to defeating automated security tools.

JUST NOWAI Desk
P742LASTPASS CONFIRMS ANOTHER DATA BREACH

Password manager LastPass has notified users of yet another security incident involving unauthorized access to customer data. The breach marks the latest in a series of security lapses affecting the popular service.

2H AGOSecurity Desk
P736BLUEKIT PHISHING KIT ADDS BROWSER-IN-THE-MIDDLE THEFT

The Bluekit phishing-as-a-service platform has expanded its capabilities with browser-in-the-middle technology for stealing login credentials. Security researchers identified nearly 70 new hostnames associated with the service over the past week.

5H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.

◄ BACK TO NEWS