Serbian Gov't Used Zero-Day Exploit to Spy on Dissenting Student
2025-03-01
Amnesty International revealed that the Serbian government used a zero-day exploit, sold by Cellebrite, to compromise the phone of a student critical of the government. The exploit bypassed the lockscreen of a fully patched Android device, leveraging vulnerabilities in Linux kernel USB drivers. This incident shows that despite Cellebrite suspending sales to “relevant customers” in Serbia, the government continues its surveillance campaign against civil society, highlighting its repression of dissent.