A hacking software used by authoritarian governments across the world to target journalists and activists has been uncovered in an investigation by The Guardian and 16 other media organisations.

The software named Pegasus works by infecting iPhones and Android devices of targets, giving the user a passage to secretly extract emails, photos and phone records.

Following an investigation into a massive data leak containing phone numbers of 50,000 people of interest to Pegasus users, it was revealed that the software is sold by the Israeli surveilance company NSO Group.

Those found in the leak include more than 180 journalists working with Financial Times, Reuters, CNN, the New York Times, France 24 and Associated Press. Others are academics, business executives, religious figures, academics, union leaders, NGO workers and some government officials.

Cecilio Panedo Birto, 38-year-old reporter shot dead in Mexico after a broadcast on corruption in 2017, was also found on the list.

NSO sells to security agencies in 40 countries, including Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India and the United Arab Emirates (UAE), but called the report “fake news” and “uncorroborated theories”.

“The fact is NSO Group’s technologies have helped prevent terror attacks, gun violence, car explosions and suicide bombings,” the response reads in part.

“The technologies are also being used every day to break up paedophilia, sex- and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones.

“Simply put, NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds.”