Sanctioned but still spying: intellexa’s prolific zero-day exploits continue

Intel Name: Sanctioned but still spying: intellexa’s prolific zero-day exploits continue

Date of Scan: December 5, 2025

Impact: High

Summary:
Despite U.S. sanctions, Intellexa continues selling its Predator spyware and remains one of the most aggressive exploit operators, rapidly developing or acquiring mobile zero-days. The group is linked to 15+ zero-day vulnerabilities, including CVE-2025-48543, CVE-2025-6554, CVE-2023-41993, CVE-2023-41992, CVE-2023-41991, CVE-2024-4610, and multiple Chrome and Android V8/Skia flaws dating back to 2021, enabling RCE, sandbox escapes, and privilege escalation across major platforms.

More Details