Paragon says it canceled contracts with Italy over government's refusal to investigate spyware attack on journalist

Spyware maker Paragon accused the Italian government of refusing its help in investigating whether a journalist was spied on with its technology, according to a statement on Monday.
In the statement first reported by Haaretz, Paragon claimed it was this refusal that prompted the company to cut ties with its Italian government customers.
'The company offered both the Italian government and parliament a way to determine whether its system had been used against the journalist in violation of Italian law and the contractual terms,' read the statement. 'As the Italian authorities chose not to proceed with this solution, Paragon terminated its contracts in Italy.'
Paragon confirmed to TechCrunch that the statement was accurate. After TechCrunch contacted Paragon's executive chairman John Fleming for comment, Emily Horne, who works for Westexec Advisors, responded saying the company is 'referring all media queries' to the statements in the Haaretz article.
This is the first time a spyware provider has publicly stated it cut ties with a specific customer after reports of abuse.
The spyware maker's accusation is the latest twist in a scandal that erupted in January, when WhatsApp revealed a mass-hacking campaign targeting its users. The messaging app giant said it alerted around 90 users that they were targeted with spyware made by Paragon, a company co-founded by former Israeli Prime Minister Ehud Barak (pictured). Paragon, which has a contract with U.S. Immigration and Customs Enforcement, has marketed itself in the U.S. and Europe as ostensibly a more responsible vendor compared to its predecessors in the industry.
Francesco Cancellato, the director of news website Fanpage who was the first person to come forward saying he received WhatsApp's notification, is the journalist that Paragon referred to in the statement.
Contact Us Do you have more information about Paragon Solutions, and this spyware campaign? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or
Do you have more information about Paragon Solutions, and this spyware campaign? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . You also can contact TechCrunch via SecureDrop
Paragon's statement is a response to a report published last week by an Italian parliamentary committee known as COPASIR, which investigated the spyware scandal in the country. The committee concluded there was no evidence that Cancellato had been a target of Italy's two intelligence agencies, AISI and AISE, which it confirmed were Paragon customers.
Hours after Haaretz published Paragon's statement, the Italian government rebuffed Paragon's remarks, saying that the decision to first suspend and then terminate the contract with Paragon was mutual, according to unnamed sources quoted by Italian news wire ANSA.
The sources were also quoted as saying that the Department of Information for Security (DIS), the Italian government body overseeing AISE and AISI, refused Paragon's help to check the logs on the agencies' Graphite spyware systems because doing so would have exposed confidential data to a private foreign company, and compromised national security. Allowing Paragon to help, the sources claimed, would have compromised the reputation of Italian intelligence agencies among its international peers.
COPASIR and the Italian government, which is led by Prime Minister Giorgia Meloni, did not respond to TechCrunch's requests for comment.
Cancellato responded to Paragon's statement in a video posted on Fanpage. 'Who is lying in this story? COPASIR or Paragon?' he said.
'To find out, all we have to do is ask Paragon to officially tell us who spied on Fanpage. They said they can find out? We want them to tell us once and for all,' said Cancellato.
In late April, Fanpage reporter Ciro Pellegrino said he had received a notification from Apple that he had been targeted with government spyware. COPASIR's investigation did not mention Pellegrino's case.
COPASIR, on the other hand, confirmed that other victims of Paragon spyware were lawfully targeted. Those are Luca Casarini and Giuseppe Caccia, who work for the Italian nonprofit Mediterranea Saving Humans, which rescues immigrants who try to cross the Mediterranean Sea; and David Yambio, the president and co-founder of Refugees in Libya, a non-government organization active in Italy.
All of them, COPASIR said, were lawfully investigated for their activities related to alleged illegal immigration.
On the other hand, COPASIR concluded that there was no evidence of surveillance against Mattia Ferrari, a priest who works on the rescue ship of Mediterranea Saving Humans, who also received a notification from WhatsApp.
In a statement to ANSA on Monday, COPASIR said that it was willing to declassify the contents of the hearing it held with Paragon representatives on April 9 to defend its work in the inquiry. The statement said COPASIR was surprised by Paragon's statement.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Bloomberg

30 minutes ago

• Bloomberg

LME Imposes Rule Forcing Traders to Reduce Big Front-Month Bets

The London Metal Exchange set a new rule on Friday to force traders to reduce large positions, after the market was rocked in recent months by the arrival of some of the world's largest energy traders. The exchange said that, starting Monday, any trader with a position in the nearby month's contract larger than the total available stock would be forced to reduce its position by offering to lend it to other traders.

Fox News

40 minutes ago

• Fox News

The new map that could be guiding Trump's Middle East moves

Video President Donald Trump came back into office promising no new wars. So far, he's kept that promise. But he's also left much of Washington — and many of America's allies — confused by a series of rapid, unexpected moves across the Middle East. In just a few months, Trump has reopened backchannels with Iran, then turned around and threatened its regime with collapse. He's kept Israel at arm's length — skipping it on his regional tour — before signaling support once again. He lifted U.S. sanctions on Syria's Islamist leader, a figure long treated as untouchable in Washington. And he made headlines by hosting Pakistan's top general at the White House, even as India publicly objected. For those watching closely, it's been hard to pin down a clear doctrine. Critics see improvisation — sometimes even contradiction. But step back, and a pattern begins to emerge. It's not about ideology, democracy promotion, or traditional alliances. It's about access. Geography. Trade. More specifically, it may be about restarting a long-stalled infrastructure project meant to bypass China — and put the United States back at the center of a strategic economic corridor stretching from India to Europe. The project is called the India–Middle East–Europe Corridor, or IMEC. Most Americans have never heard of it. It was launched in 2023 at the G20 summit in New Delhi, as a joint initiative among the U.S., India, Saudi Arabia, the UAE and the European Union. Its goal? To build a modern infrastructure link connecting South Asia to Europe — without passing through Chinese territory or relying on Chinese capital. IMEC's vision is bold but simple: Indian goods would travel west via rail and ports through the Gulf, across Israel, and on to European markets. Along the way, the corridor would connect not just trade routes, but energy pipelines, digital cables, and logistics hubs. It would be the first serious alternative to China's Belt and Road Initiative — a way for the U.S. and its partners to build influence without boots on the ground. But before construction could begin, war broke out in Gaza. The October 2023 Hamas attacks and Israel's military response sent the region into crisis. Normalization talks between Saudi Arabia and Israel fell apart. The Red Sea became a warzone for shipping. And Gulf capital flows paused. The corridor — and the broader idea of using infrastructure to tie the region together — was quietly shelved. Video That's the backdrop for Trump's current moves. Taken individually, they seem scattered. Taken together, they align with the logic of clearing obstacles to infrastructure. Trump may not be drawing maps in the Situation Room. But his instincts — for leverage, dealmaking and unpredictability — are removing the very roadblocks that halted IMEC in the first place. His approach to Iran is a prime example. In April, backchannels were reopened on the nuclear front. In May, a Yemen truce was brokered — reducing attacks on Gulf shipping. In June, after Israeli strikes inside Iran, Trump escalated rhetorically, calling for Iran's "unconditional surrender." That combination of engagement and pressure may sound erratic. But it mirrors the approach that cleared a diplomatic path with North Korea: soften the edges, then apply public pressure. Meanwhile, Trump's temporary distancing from Israel is harder to miss. He skipped it on his regional tour and avoided aligning with Prime Minister Netanyahu's continued hard-line approach to Gaza. Instead, he praised Qatar — a U.S. military partner and quiet mediator in the Gaza talks — and signaled support for Gulf-led reconstruction plans. The message: if Israel refuses to engage in regional stabilization, it won't control the map. Trump also made the unexpected decision to lift U.S. sanctions on Syria's new leader, President Ahmad al-Sharaa — a figure with a past in Islamist groups, now leading a transitional government backed by the UAE. Critics saw the move as legitimizing extremism. But in practice, it unlocked regional financing and access to transit corridors once blocked by U.S. policy. Even the outreach to Pakistan — which angered India — fits a broader infrastructure lens. Pakistan borders Iran, influences Taliban-controlled Afghanistan, and maintains ties with Gulf militaries. Welcoming Pakistan's military chief was less about loyalty, and more about leverage. In corridor politics, geography often trumps alliances. None of this means Trump has a master plan. There's no confirmed strategy memo that links these moves to IMEC. And the region remains volatile. Iran's internal stability is far from guaranteed. The Gaza conflict could reignite. Saudi and Qatari interests don't always align. But there's a growing logic underneath the diplomacy: de-escalate just enough conflict to make capital flow again — and make corridors investable. That logic may not be ideologically pure. It certainly isn't about spreading democracy. But it reflects a real shift in U.S. foreign policy. Call it infrastructure-first geopolitics — where trade routes, ports and pipelines matter more than treaties and summits. To be clear, the United States isn't the only player thinking this way. China's Belt and Road Initiative has been advancing the same model for over a decade. Turkey, Iran and Russia are also exploring new logistics and energy corridors. But what sets IMEC apart — and what makes Trump's recent moves notable — is that it offers an opening for the U.S. to compete without large-scale military deployments or decades-long aid packages. Even the outreach to Pakistan — which angered India — fits a broader infrastructure lens. Pakistan borders Iran, influences Taliban-controlled Afghanistan, and maintains ties with Gulf militaries. For all his unpredictability, Trump has always had a sense for economic leverage. That may be what we're seeing here: less a doctrine than a direction. Less about grand visions, and more about unlocking chokepoints. There's no guarantee it will work. The region could turn on a dime. And the corridor could remain, as it is now, a partially built concept waiting on political will. But Trump's moves suggest he's trying to build the conditions for it to restart — not by talking about peace, but by making peace a condition for investment. In a region long shaped by wars over ideology and territory, that may be its own kind of strategy. Tanvi Ratna is a policy analyst and engineer with a decade of experience in statecraft at the intersection of geopolitics, economics, and technology. She has worked on Capitol Hill, at EY, at CoinDesk and others, shaping policy across sectors from manufacturing to AI. Follow her takes on statecraft on X and Substack.

Yahoo

43 minutes ago

• Yahoo

UBS and Pictet data leak after Chain IQ cyber attack

Swiss banks UBS and Pictet have confirmed a data leak resulting from a cyber attack on their subcontractor, Chain IQ, in Switzerland. According to a report by Reuters, citing Swiss newspaper Le Temps, files containing personal data of tens of thousands of UBS employees were stolen in the data breach. Separately, SWI part of the Swiss Broadcasting Corporation, reported that at Pictet, the cyber attack led to the theft of tens of thousands of supplier invoices dating back several years. Chain IQ revealed that it, along with 19 other companies, was targeted in the attack, which resulted in a data leak published on the darknet. The company stated that it has taken steps to contain the situation and is unable to provide details on ransom demands or interactions with the attackers due to security and investigative reasons. Chain IQ first communicated the breach on 13 June. The company, based in Baar, has subsidiaries in New York, London, Singapore, Mumbai, and Bucharest. 'A cyber-attack at an external supplier has led to information about UBS and several other companies being stolen. No client data has been affected,' UBS was quoted by Reuters as saying. 'As soon as UBS became aware of the incident, it took swift and decisive action to avoid any impact on its operations.' UBS is currently facing additional challenges. The Swiss government recently proposed new capital norms requiring UBS to increase its core capital by $26bn following its acquisition of Credit Suisse. This proposal aims to enhance financial stability and prevent future banking crises, mandating UBS to fully capitalise its foreign subsidiaries. UBS has been given a timeframe of six to eight years to comply once the legislation is enacted. Meanwhile, Pictet Bank is dealing with another issue. Switzerland's Office of the Attorney General imposed a fine on Pictet for organisational shortcomings that facilitated money laundering. "UBS and Pictet data leak after Chain IQ cyber attack " was originally created and published by Private Banker International, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Sign in to access your portfolio