Comment by pibaker
7 hours ago
No nation state actor is going to waste a 0day on a random nobody. Even the recent Notepad++ exploit was only used against specific political targets. Any actor smart enough to be able to have an arsenal of 0days at their disposal is also smart enough to use them only where they are worthwhile because they will only get to do it once.
Believing you are more under threat from sophisticated government hackers rather than unsecured IOT devices, unvetted npm packages or hijacked download links is just LARPing for people who want to sound more important than they actually are IMO.
We've seen examples of phones being hacked which belonged to journalists, producers, editors, activists, staffers at NGOs, lawyers, security researchers, doctors, CEOs, HNWIs, government workers, and even their families and friends. You can bet there are people here on this site which would easily be considered valuable enough targets and because the people those targets associate with are also being hacked you can bet that there are lot of "random nobodies" caught up in it. It's also not just governments using attacks on cell phones, those just tend to be the most dangerous.