A former member of the European Parliament who helped investigate the misuse of surveillance technology across the European Union was himself targeted with Pegasus spyware, according to a report released on Friday by Canada-based cybersecurity watchdog, Citizen Lab.
The report revealed that the mobile phone of Stelios Kouloglou, a Greek journalist and former Member of the European Parliament (MEP), was compromised at least three times between October 2022 and March 2023 using Pegasus, the controversial spyware developed by Israeli cyber intelligence firm, NSO Group.
At the time of the alleged cyberattacks, Kouloglou was serving on the European Parliament’s PEGA Committee, a special body established in 2022 to investigate the unlawful use of spyware across European Union member states.
The committee examined the deployment of Pegasus and similar surveillance tools, concluding that several governments had likely used such technologies both legally and unlawfully.
Reacting to the findings, Kouloglou expressed shock that someone serving on a committee investigating spyware abuse could become a victim of the same technology.
“I was not expecting that a PEGA member would be spied on by Pegasus,” he said.
“I was not expecting that they would be as reckless as that.”
NSO Group did not immediately respond to requests for comment on the latest allegations.
In a statement, the European Parliament declined to comment directly on Kouloglou’s case but said its cybersecurity teams continuously monitor threats targeting the institution.
It added that spyware detection tools have been available to all lawmakers since 2022 and noted that a report adopted last month recommended extending those protections to every device used for parliamentary work.
The European Commission also did not immediately comment on the development.
NSO Group has consistently maintained that Pegasus is licensed only to government agencies for use against terrorism and serious crime.
However, the company has repeatedly faced allegations that its technology has been deployed to monitor journalists, opposition politicians, human rights activists and other members of civil society.
The Israeli firm was placed on a United States government blacklist in 2021 over concerns relating to human rights and national security.
According to Citizen Lab, Kouloglou’s device was infiltrated through an Apple software vulnerability that was unknown at the time of the attacks.
Researchers said Apple later notified the former lawmaker in both 2023 and 2024 that he had been targeted in state-sponsored hacking attempts.
Although the researchers did not identify the entity responsible for deploying Pegasus against Kouloglou, they said elements of the campaign resembled previous operations targeting Russian- and Belarusian-speaking journalists and activists living in exile.
Apple confirmed that the software vulnerability referenced in the report has since been patched and said it routinely notifies users it believes have been targeted by sophisticated state-sponsored attackers.
Former European Parliament member Sophie in ’t Veld, who played a leading role in establishing the PEGA Committee, described the incident as further evidence of the growing threat posed by commercial spyware and the lack of accountability surrounding its use.
“We’re in a situation where anybody could spy on anyone. They’re spying on citizens, journalists, NGOs, lawyers and politicians, and nobody knows who’s behind it,” she said.
