We investigate a coordinated network of inauthentic X accounts that is spreading AI-generated content to induce revolt in Iran. The network has been active since 2023, but increased activity during the Iran-Israel conflict in June 2025.

On June 9, join the Citizen Lab’s Emile Dirks to discuss China’s influence, interference, and repression in Canada.

Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and...

A sustained, coordinated social media harassment and doxxing campaign – which we codenamed JUICYJAM – targeting the pro-democracy movement in Thailand has run uninterrupted, and unchallenged, since at least August 2020. Through our analysis of public social media posts...

In a piece for the Asia Pacific Foundation of Canada, Emile Dirks and Diana Fu argue that the U.S.’s pull back from its liberal-minded engagements in China “poses an imminent challenge to Canada: how to curb Beijing’s foreign interference...

In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon's mercenary spyware operations across the globe. This report includes an infrastructure analysis of Paragon’s spyware product, called...

Join us on March 24, 2025, for a virtual presentation and Q&A on the gendered dimension of digital transnational repression. The Citizen Lab’s Siena Anstis, Noura Aljizawi, and Marcus Michaelsen will share key findings from their December 2024 report,...

China’s DeepSeek AI chatbot has raised serious privacy concerns. Speaking with Kevin Collier at NBC News, The Citizen Lab’s director, Ron Deibert, remarks that the privacy problems regarding DeepSeek are not limited to Chinese platforms, and that personal information...

Key findings We analyzed RedNote on Android and iOS for network security issues and found that all versions of RedNote fetch viewed images and videos over HTTP, which enables network eavesdroppers to learn exactly what content users are browsing....

RightsCon, the world’s leading summit on human rights in the digital age, is just around the corner and will be held in Taipei, Taiwan and online from February 24–27, 2025.  Researchers from The Citizen Lab are scheduled to speak...

The Information Controls Fellowship Program (ICFP) from the Open Technology Fund (OTF) fosters research, outputs, and creative collaboration on repressive Internet censorship and surveillance issues. We welcome proposals from fellowship candidates for research projects related to our current thematic...

In this episode of Zoom In Zoom Out on TaiwanPlus, Rebekah Brown, senior researcher at The Citizen Lab, speaks with reporter Herel Hughes to unpack the alarming rise of commercial spyware and its misuse across the globe.

Ron Deibert and Noura Aljizawi join CBC chief correspondent Adrienne Arsenault to discuss the growing issue of foreign governments’ threats and intimidation targeting exiled women activists and dissidents living in Canada.

We analyze the system Amazon deploys on the US “amazon.com” storefront to restrict shipments of certain products to specific regions. We found 17,050 products that Amazon restricted from being shipped to at least one world region. - While many...

微信有超過十億每月活躍使用者，我們分析了微信使用的主要網路協定 MMTLS 的安全和隱私特性，並發佈了首篇公開的研究報告。

微信是一款具有多种功能的应用程序。之前，我们研究了小程序的隐私问题及其监视以及审查文本和图像消息。本研究重点研究微信的网络加密协议及其安全性。

微信是一個具有許多功能的應用程式。之前我們研究過圍繞小程式的隱私問題，以及微信對文字和圖片訊息的監視及審查。在這項研究中，我們主要關注微信的網路加密協定及其安全性。

Research FAQ for the full report "Should We Chat, Too? Security Analysis of WeChat’s MMTLS Encryption Protocol"

This report performs the first public analysis of MMTLS, the main network protocol used by WeChat, an app with over one billion users. The report finds that MMTLS is a modified version of TLS, however some of the modifications...

The Citizen Lab’s Emile Dirks will present at the upcoming APSA 2024 Annual Meeting & Exhibition as part of a panel discussing how autocrats and aspiring autocrats capture social institutions and stifle counter-mobilization. At the event, Dirks will present...

In response to a call for input issued by the United Nations Special Rapporteur on counter-terrorism and human rights, Emile Dirks, research associate at the Citizen Lab, prepared a written submission underlining the legal and human rights implications of...

The annual Privacy Enhancing Technologies Symposium (PETS) 2024 is underway in Bristol, UK and online, a gathering of privacy experts from around the world to discuss recent advances and new perspectives on research in privacy technologies. On July 16,...

This is an FAQ for the full report titled “The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.” What are cloud-based pinyin keyboard apps? There are various ways to type Chinese on a keyboard. The most...

In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine...

Emile Dirks, Research Associate at the Citizen Lab, prepared a written submission for the Congressional-Executive Commission on China (CECC) about the state of human rights in the country. The CECC was established by Congress in October 2000, with the...

A network of at least 123 websites operated from within the People’s Republic of China while posing as local news outlets in 30 countries across Europe, Asia, and Latin America, disseminates pro-Beijing disinformation and ad hominem attacks within much...

The Citizen Lab co-founded the program with OTF and has been a host organization since its inception. We welcome proposals from fellowship candidates for research projects related to our current thematic areas and applications are open to people from...

As part of our ongoing project monitoring changes to Chinese search censorship, we tracked changes to censorship following Li Keqiang’s death across seven Internet platforms: Baidu, Baidu Zhidao, Bilibili, Microsoft Bing, Jingdong, Sogou, and Weibo. We found that some...

Amnesty International’s Security Lab has just published Caught in the Net as part of the European Investigative Collaborations‘ Predator Files, which details a threat actor sending what they assess to be Predator infection links on social media in replies...

In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts...