The Citizen Lab has discovered evidence that Kenyan authorities broke into a well-known dissident's phone using a commercial forensic extraction tool made by the Israeli company Cellebrite This article explores samsung phone police. . This is the most recent instance of technology abuse that targets civil society.

The indicators were discovered on the personal phone of Boniface Mwangi, a Kenyan pro-democracy activist who has declared his intention to run for president in 2027, according to the interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs & Public Policy. In particular, it has come to light that his Samsung phone, which was in police custody after his arrest in July 2025, was used with Cellebrite's forensic extraction tools.

When the phone was given back to him in September, almost two months later, Mwangi discovered that it was no longer password-protected and could be unlocked without one. The use of Cellebrite's technology on the phone on or around July 20 and July 21, 2025, has been determined with high confidence. These later attempts at attack all seem to have failed, most likely because the links were not clicked.An analysis by the French offensive security firm Reverse Society claims that Predator is a commercial spyware program "designed for dependable, long-term deployment" that gives operators real-time control over surveillance activities by enabling or disabling modules according to target activity.

The intricacy of the spyware is demonstrated by the fact that Predator has been discovered to integrate a number of unreported anti-analysis techniques, such as a crash reporter monitoring system for anti-forensics and SpringBoard hooking to prevent recording indicators from victims when the microphone or camera is turned on. Additionally, it has clear safeguards against operating in Israeli and American locations. Researchers Shen Yuan and Nir Avraham of Jamf Threat Labs stated, "These findings demonstrate that Predator's operators have granular visibility into failed deployments, [...] enabling them to adapt their approaches for specific targets."