A prominent Italian businessman, Francesco Gaetano Caltagirone, was apparently hit with Paragon’s Graphite spyware, becoming the first major corporate figure swept up in the scandal that previously implicated only journalists, activists, and NGOs. According to investigative reports by IrpiMedia and La Stampa, he was one of roughly 90 people who received a WhatsApp alert in January signaling a “possible compromise” through the spyware. The Paragon affair already revealed evidence that Graphite had infiltrated devices of Italian journalists like Ciro Pellegrino and Francesco Cancellato, as confirmed via forensic analysis by Citizen Lab. Paragon, an Israel-based spyware firm acquired by AE Industrial, severed ties with Italy following the uproar. Italy’s government has denied wrongdoing, insisting its contracts with Paragon were legally bounded—a stance under scrutiny as critics argue the scandal now reaches beyond civil society into private enterprise.
Sources: IRPI Media, Citizen Lab
Key Takeaways
– The targeting of Caltagirone expands the Paragon scandal from activists and journalists into the realm of major business elites, suggesting a broader surveillance scope.
– Forensic work by Citizen Lab has confirmed Paragon’s Graphite spyware successfully exploited zero-click vulnerabilities on iOS and Android, illustrating how stealthy and technically advanced the attacks are.
– The Italian government’s continued denial and claims of legal use of spyware contrast sharply with mounting evidence of abuse, fueling debate over accountability and oversight in democratic states.
In-Depth
When the Paragon spyware revelations first broke, most of the focus was on activists, journalists, and NGOs—groups that frequently clash with government powers. But the recent exposure that Francesco Gaetano Caltagirone, a high-profile tycoon with sprawling business and media interests, may also have been targeted signals a new escalation in how surveillance is being deployed and whom it threatens.
The case first gained traction when local Italian outlets IrpiMedia and La Stampa reported that on January 31, Caltagirone — along with about ninety users globally — received a WhatsApp alert warning of potential spyware intrusion. In earlier phases of the scandal, that same WhatsApp warning had alerted journalists such as Francesco Cancellato and Ciro Pellegrino of targeting via Paragon’s Graphite spyware. Citizen Lab’s forensic analysis confirmed that Graphite had successfully compromised devices running iOS and Android, operating invisibly via zero-click exploits and avoiding obvious detection markers.
Graphite is a particularly stealthy tool: unlike broad-spectrum spyware that takes over an entire device, it can stay confined within apps like WhatsApp, extracting sensitive data while minimizing forensic traces. This level of sophistication raises the bar on digital surveillance threats to public figures.
Paragon, headquartered in Israel and acquired by U.S. private equity firm AE Industrial in late 2024, has publicly claimed to operate under an “ethical” framework. But in February 2025, in light of media backlash, it announced it would cut ties with Italy. That move came even as the Italian government, under pressure, denied that it used Paragon to spy illegally on journalists or activists, asserting that all uses were consistent with national security laws. Still, the optics of surveillance reaching into boardrooms weakens the line that these tools are reserved only for security threats or criminal investigations.
For Italians and others watching how liberal democracies deal with internal security and privacy, the Caltagirone revelation matters. It demonstrates that advanced spyware tools are not limited to dissenters or watchdogs—they can be deployed more broadly. That reality makes calls for tighter oversight, clearer legal limits, and independent audits ever more pressing. In democratic societies, power is fragile; unchecked surveillance risks tilting that balance.