At 4 a.m. in Singapore, emails went out to workers who were being laid off, hours before colleagues elsewhere would wake to the same message.
The sequence mattered. The layoffs began in Singapore, then moved across time zones as employees in Britain, the United States and elsewhere were notified early Wednesday morning. Inside the company, many workers began exchanging somber messages remotely, refreshing directories to see who on their teams was cut. On internal forums, hundreds reacted with salad emojis, a gesture that reads as ritual only if the underlying shock has already been absorbed.
The arithmetic is simple but the structure behind it is not
The scale had been set in advance. As of March 31, 2026, Meta had 77,986 full-time employees. Weeks later, the company laid off 8,000 of them — roughly 10% of its workforce, a number Meta confirmed in its own announcement and Mark Zuckerberg repeated in a memo dismissing 8,000 workers. The arithmetic is simple. The structure behind it is not.
Zuckerberg’s explanation did not attempt to soften the cut. The memo emphasized that “success isn’t a given” in the AI race, a line that followed his assertion that “AI is the most consequential technology of our lifetimes”. The phrasing marked a shift from earlier layoffs, when the chief executive had framed reductions as correction. This time, the language described a condition that does not correct itself.
The company did not shrink so much as it moved mass. Alongside the layoffs, an additional 7,000 employees were reassigned to AI-focused teams, a figure reported as part of the same restructuring. Jobs disappeared, but headcount did not collapse into absence; it reappeared elsewhere, under a different mandate. The cut and the redeployment belong to the same decision.
The threats are designed for scale while responsibility shifts elsewhere
That decision sits uneasily against the mechanics of the threats the company says it faces. A “1-click” attack, where a single click on a malicious link is sufficient to compromise a device, removes the need for the user to do anything beyond the first mistake. It is a type of cyberattack designed for scale, not sophistication at the point of entry. The cost is shifted to detection and response.
Meta has been explicit about who builds tools that exploit that asymmetry. The company said WhatsApp took down test accounts and groups created by NSO on its platform, part of a longer conflict with a firm that develops the notorious Pegasus spyware and has been implicated in severe abuses. Pegasus does not depend on user behaviour in the way older attacks did; it is described as super-advanced spyware, difficult to detect and remove. The pressure falls on the platform, not the person holding the phone.
The courts have begun to fix responsibility in a way that constrains that model. A US court ordered NSO to stop targeting Meta’s WhatsApp, a step the company itself warned could put it out of business. The same ruling reduced punitive damages owed to Meta to $4m from an initial $167m, but the injunction was seen as a substantial challenge that goes beyond the balance sheet. It reaches into the core of how the company operates.
Legal pressure aligns unlikely coalitions while tightening constraints
The legal pressure has not been limited to one case. Meta said it was joined by 12 prominent civil rights organisations, alongside security researchers and privacy advocates who filed amicus briefs to fight NSO’s appeal. Amnesty International called the earlier damages ruling “a momentous win in the fight against spyware abuse”. The coalition is not symbolic; it aligns the company’s commercial interests with actors who are attempting to narrow the space in which spyware can function at all.
NSO has not publicly responded in this instance. The company did not immediately respond to a Reuters request for comment. Its position is nevertheless defined by the contradiction already in place: a business model built on tools that are difficult to detect is now constrained by orders that depend on proving and preventing their use. Enforcement assumes visibility. The product depends on the absence of it.
That contradiction lands back inside Meta’s restructuring. The company has removed 8,000 workers while redirecting 7,000 into AI systems that must identify attacks designed to leave no trace of user intent. At the same time, it has tied its legal strategy to institutions that are attempting to reduce the existence of those attacks altogether. The workforce is being reshaped around a problem that the courts are trying to eliminate.
There is a narrower way to state the same pressure. Meta’s memo insists success isn’t a given in AI. The courts have already determined that NSO cannot continue targeting WhatsApp without threatening its own existence. One company is cutting and reallocating tens of thousands of roles to build systems against a class of attack. The other is being told that continuing to produce that class of attack may end its business.
The gap between those positions is where the structure no longer holds. If the injunction against NSO is enforced as written, the market for the tools Meta is reorganising itself to defend against contracts faster than the workforce has been rebuilt to fight it.
