Editor Notes: Amnesty International's report can be accessed at the following URL: https://www.amnesty.org/en/documents/eur70/8813/2024/en/. The BIA's brief response to the report can be read here: https://www.bia.gov.rs/mediji/saopstenja-za-javnost/saopstenje-bia-16-12-2024-godine/. In terms of the timeline of events, it is reported Serbian authorities were using Cellebrite between 2021 and 2024. In February 2024, they reportedly targeted the journalist Slaviša Milanov; between July and November 2024 there were reportedly at least nine activists who were detained or questioned and had their phones and computers seized, with allegations that the Serbian security services used the Cellebrite UFED forensic tools to extract data from the devices and, reportedly in some cases, they had installed NoviSpy. Between July and August 2024, when anti-lithium mining protests took place, Serbian authorities reportedly arrested 33 activists and seized their devices for forensic searches. In October 2024, an activist from the NGO Krokodil had, according to Amnesty International's forensic analysis, NoviSpy installed on their device while being interviewed by the BIA. On December 16, 2024, Amnesty published their report (which is being used for this incident ID's date). In response, Cellebrite halted their sales to Serbia, which they announced on February 25, 2025. It is also reported that Google Project Zero and the Threat Analysis Group have confirmed a zero-day vulnerability in Android exploited by Serbian authorities, which was later patched.