The mobile phones of a senior Human Rights Watch staff member are alleged to have been repeatedly hacked by a client of NSO Group at a time when she was investigating the catastrophic August 2020 explosion that killed more than 200 people in Beirut, The Guardian reported.

The alleged hacking of Lama Fakih, a US-Lebanese citizen and director of crisis and conflict at HRW, marks the latest example of how NSO’s powerful surveillance tool, Pegasus, has been used by the company’s clients to target campaigners and journalists, the report said.

HRW said that Fakih had been alerted by Apple on 24 November 2021 that her personal iPhone could be under state-sponsored attack.

An investigation by HRW’s security team, which was reviewed by Amnesty International’s Security Lab, found that Fakih’s iPhones had apparently been infected with Pegasus through a so-called “zero-click” exploit that allows operators of the spyware to infect a phone without the mobile user doing anything, such as clicking on a link, the report said.

The news comes as NSO has faced a raft of bad news at home and abroad. In November, the company was placed on a US blacklist by the Biden administration, which said it had evidence that the Israeli company was enabling foreign governments to conduct “transnational repression”.

NSO has also been engulfed in a domestic crisis in Israel after it was alleged in a report by Calcalist that the Israeli police had used Pegasus to gather intelligence for investigative purposes without legal oversight.