Rights activists, journalists and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm, media reports say.
They are on a list of up to 50,000 phone numbers of people believed to be of interest to clients of the company, NSO, leaked to major news outlets.
It is not clear where the list came from – or whose phones had actually been hacked.
NSO denies any wrongdoing.
It says the software is intended for use against criminals and terrorists and is made available only to military, law enforcement and intelligence agencies from countries with good human rights records.
In a statement, it said the original investigation which led to the reports, by Paris-based NGO Forbidden Stories and the human rights group Amnesty International, was “full of wrong assumptions and uncorroborated theories”.
The allegations about use of the software, known as Pegasus, were carried on Sunday by the Washington Post, the Guardian, Le Monde and 14 other media organisations around the world.
Pegasus infects iPhones and Android devices to enable operators to extract messages, photos and emails, record calls and secretly activate microphones.
Forensic tests on a few phones with numbers on the list indicated more than half had traces of the spyware.
Some 180 journalists are said to be on the list, from organisations such as Agence France-Presse, CNN, the New York Times, Al Jazeera and many other news outlets.
They also include two women close to the murdered Saudi journalist Jamal Khashoggi and a Mexican journalist named Cecilio Pineda Birto, who was murdered at a carwash.
The wider list also includes heads of state and government, members of Arab royal families and business executives.