:

100 COUNTRIES NOW HAVE CYBER INTRUSION SOFTWARE

SECURITY DESK2 MIN READ
WED, APR 22, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

The UK's GCHQ estimates approximately 100 nations have acquired sophisticated cyber intrusion tools like Pegasus, signaling that access to advanced hacking technology is becoming increasingly widespread.

According to UK intelligence officials, the proliferation of commercial spyware represents a growing security threat. Pegasus, the NSO Group's flagship surveillance tool, exemplifies the type of software now accessible to state actors across the globe. The assessment suggests that barriers to obtaining such technology have eroded significantly. What once required substantial technical expertise and resources is now available through commercial channels, lowering the threshold for nation states seeking cyber capabilities. Pegasus gained international attention following revelations about its use against journalists, human rights activists, and political figures. The software exploits mobile device vulnerabilities to extract data, capture communications, and activate device cameras and microphones. The GCHQ's estimate reflects broader concerns about the militarization of cyber tools. As more countries obtain intrusion software, the potential for coordinated attacks, espionage campaigns, and destabilization efforts increases. Intelligence agencies worldwide have flagged the concentration of such capabilities among state and non-state actors. The proliferation has prompted calls for stricter regulation of the commercial surveillance industry. Several countries have already restricted or banned the export of cyber intrusion technology, though enforcement remains inconsistent. With approximately 195 nation states in existence, GCHQ's figure indicates that roughly half have acquired such capabilities. The estimate underscores the dual-use nature of cybersecurity tools—technologies developed for defensive purposes increasingly serve offensive applications. The spread of these tools complicates international cyber governance and raises questions about attribution in cyberattacks. When intrusion software becomes widely available, determining which state actor conducted an operation becomes significantly more difficult.

■ SOURCES

Techmeme

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Federal prosecutors have unsealed a 2024 indictment charging three Russian nationals and two web hosting services with facilitating cyberattacks and money laundering that victimized cybercrime targets of $62 million.

JUST NOWSecurity Desk

A hacker accessed Suno's source code using stolen employee credentials, revealing that the AI music generator scraped decades of audio from YouTube to train its model.

JUST NOWAI Desk

Criminals can now clone voices with AI in mere seconds, outpacing traditional authentication defenses that banks and financial institutions rely on to prevent fraud.

JUST NOWAI Desk

Five malicious versions of AsyncAPI packages were published to npm, delivering a remote access trojan capable of stealing credentials and sensitive data from developer systems.

JUST NOWDev Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.