Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Boniface Mwangi hit by cyberattack

Incident
First reported
Last updated
Happening score
H score 12
1 unique sources, 1 articles

Summary

Hide ▲

Boniface Mwangi suffered a forensic extraction incident while his Samsung phone was in Kenyan police custody, creating a risk that private messages and other sensitive data were accessed. Researchers assessed that Cellebrite tools were used around July 20-21, 2025. The device was later returned in September 2025 with the password removed. The case matters because it shows how a seized phone belonging to a prominent activist can be exposed through a commercial forensic tool.

Related Happenings

INTERPOL Operation Red Card 2.0 cybercrime arrests and takedowns

Law Enforcement
First: 19.02.2026 19:50 Last: 19.02.2026 19:50 Sources 1

About this happening: **Operation Red Card 2.0** led to **651 arrests** and the seizure of **2,341 devices** and **1,442 malicious IPs, domains, and servers**, disrupting an **online-scam** network acr...

Open Happening

GoldFactory Coretax impersonation fraud campaign

Campaign
First: 19.02.2026 17:30 Last: 19.02.2026 17:30 Sources 1

About this happening: The **GoldFactory**-linked fraud campaign now threatens **Indonesian taxpayers** at scale, with estimated losses of **$1.5m to $2m**. It ran from **July 2025** and intensified in...

Open Happening

Predator spyware targeting Teixeira Cândido's iPhone

Malware Activity
First: 18.02.2026 19:30 Last: 18.02.2026 19:30 Sources 1

How related: "This is the first forensically confirmed case of the Predator spyware being used to target civil society in Angola," the international human rights organization said. "Once the spyware was installed, the attacker could gain unrestricted access to Teixeira Cândido's iPhone."

About this happening: **Predator spyware** successfully targeted **Teixeira Cândido's iPhone** in **May 2024**, giving an attacker the ability to gain **unrestricted access** to the device. The infecti...

Open Happening

Timeline

  1. 18.02.2026 19:30 2 articles · 3mo ago

    Cellebrite extraction on Boniface Mwangi's Samsung phone

    Exploitation Observed

    Kenyan authorities used Cellebrite's forensic extraction tools on Boniface Mwangi's Samsung phone while it was in police custody after his July 2025 arrest, with researchers assessing that the tool use occurred around July 20, 2025 and July 21, 2025.

    Show sources
    Open in new tab
  2. 18.02.2026 19:30 1 articles · 3mo ago

    Researchers disclose indicators of Cellebrite use on Boniface Mwangi's phone

    Initial Disclosure

    Citizen Lab reported signs that Kenyan authorities used Cellebrite to break into Boniface Mwangi's phone and said the use could have enabled extraction of messages, private materials, personal files, financial information, passwords, and other sensitive information from his device.

    Show sources
    Open in new tab