Meta Won in Court. NSO Allegedly Kept Hacking Anyway.
On 8 June 2026, Meta asked a US federal court to hold the spyware vendor NSO Group in contempt — alleging that NSO had violated the permanent injunction barring it from targeting WhatsApp and its users. If the allegations hold up, it means that the most significant courtroom victory ever won against a commercial spyware maker did not actually stop the spyware maker.
That is a sobering thing to sit with, and it carries a lesson that goes well beyond one company and one lawsuit: legal accountability is necessary, and it is not sufficient. The reason cuts to the heart of how this category of attack works, and why it defeats encryption without ever touching it.
The case so far
Meta sued NSO Group after NSO exploited WhatsApp to deliver its Pegasus spyware to roughly 1,400 targets in 2019. The litigation ground on for years and ended in a landmark result: a jury found NSO liable and awarded Meta around $168 million in damages (a figure the judge subsequently reduced), and — more importantly for the long run — the court issued a permanent injunction prohibiting NSO from ever again targeting WhatsApp or its users.
An injunction is supposed to be the part with teeth. Damages are a one-time cost a well-funded vendor might treat as the price of doing business. An injunction is a standing court order: violate it, and you’re in contempt, which is a direct confrontation with the court’s authority.
Meta’s June filing alleges that NSO did exactly that. According to Meta, it disrupted NSO-linked social-engineering activity — spearphishing efforts designed to push targets toward malicious links leading outside WhatsApp — and caught NSO standing up test accounts and groups on the platform, which Meta removed. Meta argued that easing restrictions on NSO would “undermine US national security and put American companies and billions of people worldwide who depend on secure communications at risk.” NSO did not respond to requests for comment in the reporting on the filing.
We’re going to be careful here: these are allegations in a motion, the specifics will be litigated, and the exact counts and attributions are the court’s to weigh, not ours to assert. What matters for understanding the threat is not the precise tally. It’s the pattern — that a vendor under a permanent injunction was, per Meta, allegedly still operating against the very platform it was ordered to leave alone.
Why this isn’t an encryption problem
Here is the crucial technical point, and it’s one we keep coming back to because it is so often misunderstood: Pegasus and tools like it do not break end-to-end encryption. They make encryption irrelevant by taking over the device.
Think about where decryption happens. Your messages are encrypted in transit and on the network, unreadable to anyone in the middle. But on your phone, in order for you to read them, they are decrypted and displayed. A spyware implant that controls your phone is sitting at that exact spot — after decryption, at the screen, at the keyboard, at the microphone. It reads what you read. It doesn’t need your keys; it waits for your phone to use them, then watches.
[ sender ] --E2EE--> …network… --E2EE--> [ your phone ]
                                               │ decrypts to show YOU
                                               ▼
                                      [ Pegasus reads it here ]
The most advanced of these are zero-click: they require no tap, no mistake, no link clicked. A specially crafted message exploits a flaw in how the device processes it, and the implant lands before you’ve done anything at all. That is why this category is so dangerous to journalists, activists, lawyers, and dissidents — the targets can do everything right and still be owned.
This spring offered more examples than NSO alone. WhatsApp notified roughly 200 users — primarily in Italy — that they’d been targeted with a counterfeit WhatsApp app carrying spyware attributed to an Italian vendor. And in the long-running Paragon “Graphite” affair, reporting indicated the vendor had stopped cooperating with Italian prosecutors investigating the hacking of a journalist’s phone, even as Graphite’s zero-click implant — historically aimed at encrypted-messenger users — remained the subject of active inquiry. Different vendors, same architecture of attack: own the endpoint, and the encryption protecting the wire becomes beside the point.
What the law can and can’t reach
So what does the Meta v. NSO contempt fight actually tell us about accountability?
The optimistic read: a private company with deep pockets and strong legal standing can drag a mercenary spyware vendor into court, win, and obtain a standing order — and then return to court to enforce it. That is real power, and it is more than most victims of spyware will ever have. Litigation like this raises the cost and the visibility of the trade, and visibility is itself a form of pressure on an industry that depends on operating in the dark.
The realistic read: an injunction is a piece of paper, and a vendor that is determined, well-funded, and operating across jurisdictions can apparently treat compliance as optional until forced. Enforcement is slow, adversarial, and depends on the plaintiff detecting the violation in the first place — which only happened here because Meta has a world-class threat-intelligence team watching its own platform. Most communication tools have nothing of the kind. The accountability that exists is concentrated where the resources are.
The honest synthesis is that courts are a backstop, not a shield. They punish after the fact, sometimes, partially, slowly. They do not stand between an attacker and your phone tonight.
Where this leaves a tool like RVNT
We want to be completely straight about this, because overpromising here would be exactly the kind of dishonesty this blog exists to avoid: no messenger can protect you from a fully compromised endpoint. If a zero-click implant owns your phone, it sees what you see, in any app, and RVNT is no exception. We say this in plain language in our threat model, and anyone who tells you their app defeats Pegasus is lying to you.
What a well-designed system can do is shrink the attack surface and refuse to make targeting easier:
- Less to exploit, fewer ways in. Zero-click attacks need a flaw in how a message is parsed and rendered. A smaller, simpler, memory-safe codebase is a smaller target. RVNT’s core is Rust, a memory-safe language that rules out, in safe code, the memory-corruption bugs (out-of-bounds reads and writes, use-after-free) that these implants typically rely on, and the design favors fewer auto-processing entry points: less content is decoded or rendered without a user action.
- No central targeting metadata. Mercenary spyware operations begin with targeting: figuring out who to attack and how to reach them. Sealed sender and aggressive metadata minimization mean there is no central server holding a tidy who-talks-to-whom graph for an operator to mine. We explained why that graph is so valuable in Metadata Is the Message.
- Auditability instead of trust. Because RVNT is open source under AGPLv3, the message-handling code that a zero-click exploit would target is open to inspection and hardening by anyone, rather than a black box only the attacker studies.
- Duress is handled. For the high-risk users these tools target, coercion is part of the threat. RVNT’s panic / duress mode is built for the moment a device is taken, not just for the moment it’s hacked.
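To make the "fewer auto-processing entry points" idea concrete, here is an added illustration (not RVNT's code, and all names are hypothetical) of an intake gate that decides what an inbound payload may trigger before any decoder or renderer touches it: only bounded, strictly validated plain text from an already-accepted sender is processed automatically; everything else is held as opaque bytes until the user explicitly opens it.

```rust
// Added example, not RVNT's code: an intake gate that decides what an
// inbound payload may trigger BEFORE any decoder or renderer sees it.
// Zero-click chains need the app to auto-parse attacker-controlled bytes;
// this gate auto-processes only bounded plain text from accepted senders.
// All names are hypothetical.

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Trust { Unknown, Accepted }

#[derive(Debug, PartialEq)]
pub enum Intake {
    Text(String),                   // validated UTF-8, safe to display
    Held { reason: &'static str },  // kept opaque until the user explicitly opens it
    Dropped { reason: &'static str },
}

/// Upper bound on what is decoded without a user action.
pub const MAX_AUTO_TEXT: usize = 4096;

pub fn intake(sender: Trust, kind: &str, body: &[u8]) -> Intake {
    // Unsolicited traffic never reaches an automatic decoder, whatever its type.
    if sender == Trust::Unknown {
        return Intake::Held { reason: "unsolicited: not auto-processed" };
    }
    if body.len() > MAX_AUTO_TEXT {
        return Intake::Held { reason: "exceeds auto-processing size bound" };
    }
    match kind {
        // Strictly validated text is the only format processed automatically.
        "text/plain" => match std::str::from_utf8(body) {
            Ok(s) if s.chars().all(|c| !c.is_control() || c == '\n' || c == '\t') => {
                Intake::Text(s.to_owned())
            }
            Ok(_) => Intake::Dropped { reason: "control characters in text" },
            Err(_) => Intake::Dropped { reason: "invalid UTF-8" },
        },
        // Images, documents, audio: never parsed on receipt. Stored as bytes
        // until the user opens them, so a crafted file cannot run a decoder
        // on its own schedule.
        _ => Intake::Held { reason: "rich media requires explicit open" },
    }
}

fn main() {
    println!("{:?}", intake(Trust::Accepted, "text/plain", b"hello"));
    println!("{:?}", intake(Trust::Unknown, "image/gif", b"GIF89a"));
}
```

The gate does not make a decoder safe; it only ensures no decoder runs on unsolicited or unreviewed input, which is the precondition a zero-click chain depends on.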
The honest limit
Endpoint compromise is the hardest problem in this entire field, and it is not one an app vendor can solve alone. The real mitigations live at the operating-system and hardware level: rapid security patching, lockdown modes that disable risky message-processing features, hardened mobile operating systems, and — for the highest-risk users — compartmentalized devices. RVNT can reduce its own attack surface and refuse to leak targeting data. It cannot patch your operating system or guarantee no zero-click exists in the stack beneath it, and we won’t pretend otherwise.
Meta v. NSO matters because it tests whether the law can reach an industry that profits from breaking into the devices of the people least able to defend themselves. We hope the court’s authority means something. But the durable defense was never going to be a verdict. It’s a smaller attack surface, less metadata to target, patched endpoints, and tools whose security you can verify instead of trust.
Don’t take that on faith either. Read the threat model, read the code, and judge for yourself exactly where the protection ends — because the honest edges are the ones worth knowing.