• Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
Tech News, Magazine & Review WordPress Theme 2017
  • Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
No Result
View All Result
  • Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
No Result
View All Result
Blog - Creative Collaboration
No Result
View All Result
Home Mobile

EU lawmaker who investigated spyware abuse was hacked with Pegasus

July 3, 2026
Share on FacebookShare on Twitter

Stelios Kouloglou spent two years on the European Parliament committee set up to investigate governments spying on their own citizens with commercial hacking tools.

According to a report published Friday by Citizen Lab, the University of Toronto research group, his own phone was hacked with Pegasus spyware while that inquiry was under way.

Kouloglou, a Greek former MEP with the left-wing SYRIZA party, served as a substitute member of the PEGA committee, the parliamentary body formed in 2022 to examine the use of Pegasus and similar spyware across EU member states.

Citizen Lab found forensic evidence of three separate infections on his iPhone, one in October 2022 and two more in March 2023, while the committee was drafting its findings.

The spyware was Pegasus, made by Israel’s NSO Group, and Citizen Lab says it identified it with high confidence. The October 2022 infection landed while Kouloglou was in hospital for a scheduled procedure.

The other two arrived within a day of each other in March 2023, as he travelled between Athens and Brussels during the final stretch of negotiations over the committee’s report.

What Citizen Lab has not done is name who ordered the hack. The exploit relied on a previously patched Apple vulnerability that had not yet been installed on Kouloglou’s device, a zero-click method needing no action from the target.

Researchers linked the infrastructure behind it to a campaign already used against journalists elsewhere in Europe, pointing to an NSO government client rather than the company itself, though that client remains unidentified.

NSO licenses Pegasus exclusively to government agencies, but that is not the same as naming an attacker. No country has been identified as the operator, and Citizen Lab’s report is explicit that attribution stops there.

Kouloglou called the intrusion “reckless” and said he intends to sue NSO Group. He told researchers he only learned of the infections in May, after a lawyer referred him to Citizen Lab for a phone check. NSO Group did not respond to requests for comment from either Citizen Lab or the reporters who covered the findings.

The European Parliament, asked about the case, did not address Kouloglou’s situation directly. A spokesperson said the institution’s IT security team “constantly monitors cybersecurity threats” and that spyware-screening tools have been available to members since 2022, the same year the PEGA committee was formed.

A follow-up report adopted by parliament last month called for extending that screening to every device MEPs use for parliamentary business.

Other members of the PEGA committee were quick to react. German MEP Hannah Neumann called for parliament to finally implement the committee’s original recommendations, which have largely sat untouched since 2023.

Ron Deibert, Citizen Lab’s director, described the case as “ironic” given Kouloglou’s role investigating the same technology that was used against him, and warned that an unregulated spyware industry corrodes trust in democratic institutions well beyond any single target.

The PEGA committee’s 2023 report had already concluded that Pegasus and comparable tools were misused in Poland, Hungary, Greece and Spain, and called for tighter EU-wide controls on their sale and use. Little of that has translated into binding law.

A separate case out of Bulgaria, where leaked export licences showed a Sofia-based NSO affiliate shipping surveillance equipment to intelligence agencies from Azerbaijan to the UAE, suggests the enforcement gap the committee warned about has only widened since.

Even outside the Pegasus market proper, cheaper commercial spyware sold to European law enforcement, like the fake WhatsApp app built by Italy’s SIO, shows how far the underlying problem has spread beyond a single vendor.

Kouloglou’s case adds a personal detail to what has largely been an abstract policy fight. The people who spent two years documenting spyware abuse for the European Parliament were plausible targets for the tool they were scrutinising, and at least one of them was hit while the ink on the findings was still drying.

Next Post

NYT Mini crossword answers, hints for July 3, 2026

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

No Result
View All Result

Recent Posts

  • Spotify pushes back on Kalshi and Polymarket after a song’s chart run looked rigged
  • Tesla’s Model Y L is now available in the U.S.
  • Are these 6 popular Android phones worth upgrading from in 2026?
  • Anduril rocket motor explodes at Mississippi test site
  • Mark Zuckerberg admits the AI restructuring isn’t going all that great, report says

Recent Comments

    No Result
    View All Result

    Categories

    • Android
    • Cars
    • Gadgets
    • Gaming
    • Internet
    • Mobile
    • Sci-Fi
    • Home
    • Shop
    • Privacy Policy
    • Terms and Conditions

    © CC Startup, Powered by Creative Collaboration. © 2020 Creative Collaboration, LLC. All Rights Reserved.

    No Result
    View All Result
    • Home
    • Blog
    • Android
    • Cars
    • Gadgets
    • Gaming
    • Internet
    • Mobile
    • Sci-Fi

    © CC Startup, Powered by Creative Collaboration. © 2020 Creative Collaboration, LLC. All Rights Reserved.

    Get more stuff like this
    in your inbox

    Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

    Thank you for subscribing.

    Something went wrong.

    We respect your privacy and take protecting it seriously