At a glance.
- Google Cloud outage knocks major services offline.
- Citizen Lab documents use of Paragon's Graphite spyware against Apple devices.
- Intellexa's Predator continues operations despite sanctions.
Google Cloud outage knocks major services offline.
Google Cloud sustained a widespread outage for several hours yesterday afternoon, disrupting dozens of major services across the web, CNBC reports. The incident affected most Google services, as well as third-party platforms that used Google Cloud. Affected services included Elastic, GitLab, GitHub, LangChain, Replit, Mailchimp, Twitch, Shopify, Spotify, Discord, and many others. TechCrunch notes that the incident "[disrupted] the middle of the work day for millions of people."
Google said all systems were back online by 6:27 PM PDT. The company says it has identified the root cause of the outage and will publish an analysis of the incident after completing an internal investigation.
Some initial reports yesterday suggested Cloudflare may have been responsible for the outage, but Cloudflare said its services were only affected insofar as they relied on Google Cloud. A Cloudflare spokesperson told BleepingComputer, "This is a Google Cloud outage. A limited number of services at Cloudflare use Google Cloud and were impacted. We expect them to come back shortly. The core Cloudflare services were not impacted."
Citizen Lab documents use of Paragon's Graphite spyware against Apple devices.
The University of Toronto’s Citizen Lab published a report yesterday on the Italian government's use of Paragon's Graphite spyware to target journalists and activists. COPASIR, the Italian government’s parliamentary committee overseeing Italy’s intelligence services, acknowledged that the government had used Graphite to target activists Luca Casarini and Dr. Giuseppe Caccia, but said it did not know who deployed Graphite against journalist Francesco Cancellato. Paragon, which is based in Israel, ended its contract with Italy after the Italian government refused to allow the company to investigate the targeting of Cancellato.
Notably, Citizen Lab says this is the first forensic confirmation of Graphite's use against iOS devices. The spyware used a zero-click attack that exploited CVE-2025-43200, a logic issue that surfaced while processing a maliciously crafted photo or video shared via an iCloud Link. Apple patched the flaw in iOS 18.3.1.
Intellexa's Predator continues operations despite sanctions.
Recorded Future's Insikt Group says the government of Mozambique appears to be a new customer of Intellexa's Predator spyware. The researchers note, "This aligns with the broader observation that Predator is highly active in Africa, with over half of its identified customers located on the continent." Insikt Group says other suspected Predator users include Angola, Armenia, Botswana, the Democratic Republic of the Congo, Egypt, Indonesia, Kazakhstan, Mongolia, Mozambique, Oman, the Philippines, Saudi Arabia, and Trinidad and Tobago.
Intellexa Group is a murky and complicated web of entities spread across Europe and the Middle East. The US government sanctioned some of its Europe-based companies last year, alleging that the spyware was "used to target Americans, including U.S. government officials, journalists, and policy experts." Recorded Future notes, "Sanctions and other pressures are likely to drive efforts to increase the complexity of corporate structures, making operations harder to trace and disrupt."
