PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions

**Executive summary:** Citizen Lab documents that between 2021 and 2023 former Egyptian MP Ahmed Eltantawy was repeatedly targeted with Cytrox’s Predator spyware via SMS/WhatsApp lures and network injection; investigators recovered an iOS zero-day exploit chain (CVE-2023-41991 / CVE-2023-41992 / CVE-2023-41993) used to deliver the Predator payload, fingerprinted Predator infrastructure (F1/F2), and localized the network injector to a link between Telecom Egypt and Vodafone Egypt, attributing the injector to Sandvine PacketLogic and the spyware to Cytrox with high confidence, and recommending immediate patching and Lockdown Mode.