In a chilling development that has sent shockwaves through the corridors of the European Union, security researchers have confirmed that a high-ranking European politician was surreptitiously surveilled using Pegasus spyware while actively serving on a committee tasked with investigating the very same technology. The discovery marks a watershed moment in the global debate over the unchecked proliferation of military-grade cyber-surveillance tools. The Citizen Lab, a world-renowned digital rights research unit based at the University of Toronto, revealed in a report released this past Friday that Stelios Kouloglou, a Greek journalist and former member of the European Parliament, was the victim of a sophisticated digital intrusion. The breach represents the first time a member of the European Parliament’s Committee of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware (PEGA) has been identified as a target. The incident underscores a troubling irony: as the committee worked to uncover how European governments were abusing private surveillance tools to monitor political opponents, journalists, and civil society, its own members were being systematically targeted by the very threat they were sworn to expose. The Anatomy of an Intrusion According to forensic evidence gathered by Citizen Lab, Kouloglou’s iPhone was compromised on multiple occasions between 2022 and 2023. The attacks employed "zero-click" exploits—a terrifying capability that allows spyware to infect a device without requiring the victim to click a link or download a file. The primary vector for the intrusion was a vulnerability within Apple’s HomeKit smart home framework. By weaponizing this flaw, the spyware operator was able to bypass traditional security measures, effectively turning Kouloglou’s personal smartphone into a remote microphone, camera, and data harvester. The software granted the attacker full, real-time access to encrypted messaging apps, email correspondence, geolocation history, and private photo libraries. Citizen Lab’s technical analysis confirmed that the attacks occurred during pivotal moments in the committee’s timeline. The first identified compromise took place in October 2022, a period characterized by high-stakes deliberations over the committee’s initial findings regarding spyware abuse in Cyprus, Greece, Hungary, Poland, and Spain. A second wave of infections was detected on March 6 and 7, 2023, as Kouloglou traveled between Athens and Brussels for critical committee hearings. Chronology of the Surveillance Campaign The targeting of Kouloglou appears to have been calculated, aligning with specific moments of legislative sensitivity: October 2022: As the PEGA committee drafted its initial reports, Kouloglou was hospitalized for a pre-scheduled surgery. The spyware operators exploited this window, potentially gaining access to private conversations regarding his medical condition and sensitive professional discussions conducted from his hospital bed. March 2023: As the committee entered the final stretch of its investigation, the spyware was deployed twice during Kouloglou’s transit between Athens and Brussels. This timing suggests an interest in his travel patterns and his private communications leading up to the finalization of the committee’s damning report. The persistence of these attacks suggests that the operator was not merely gathering intelligence on a single event, but was engaged in a long-term campaign to monitor the inner workings of the European Parliament’s oversight process. A "Direct Attack on the Rule of Law" For Kouloglou, the realization that his digital life had been laid bare by an unseen hand was a deeply personal violation. In an interview with TechCrunch, he described the experience as "reckless." "You realize that all of your personal data [was taken]—not just the professional exchanges or messages with ministers—but also the very private things, like the happy moments and the sad moments," Kouloglou stated. He noted that the breach extended far beyond his work on the committee, infringing upon the fundamental rights of his friends, family, and sources. The reaction from his peers in Brussels has been one of indignation. Serving lawmakers have described the hacking of a colleague as a "direct attack on the rule of law." The incident has emboldened calls for the European Commission to move beyond symbolic rhetoric and impose strict, enforceable limitations on the export and use of spyware across the 27-member bloc. Critics argue that the existing regulatory framework is insufficient to curb the predatory nature of companies like the NSO Group, whose Pegasus software remains the gold standard for state-sponsored digital espionage. The Shadow of the NSO Group While Citizen Lab did not formally attribute the attack to a specific sovereign state, their findings provide a clear breadcrumb trail. The researchers identified that the email address used to initiate the infection was the same one used in previous campaigns targeting journalists across Europe. This detail is significant. The reuse of the same "attack infrastructure" implies that a single government client, likely operating with the authorization of the NSO Group, was responsible for the intrusion. It suggests a client with the resources and the clearance to deploy Pegasus across multiple borders, further complicating the geopolitical implications of the breach. The NSO Group, headquartered in Israel, has long maintained that its software is sold exclusively to vetted government intelligence and law enforcement agencies for the sole purpose of fighting terrorism and organized crime. However, the recurring discovery of their tools on the devices of human rights defenders, journalists, and politicians has repeatedly debunked these claims. Despite the controversy, the NSO Group’s survival remains a point of contention. The company has recently faced efforts to rehabilitate its image, including securing significant investments from American financial entities. This, combined with the fact that the company remains under heavy scrutiny from the U.S. government—which has placed it on a restricted trade list—creates a complex global landscape for the future of the spyware industry. Wider Implications for Democracy The hacking of a European legislator is not merely a technical failure; it is a profound democratic crisis. If those tasked with holding governments accountable can be effectively silenced or surveilled, the foundation of democratic oversight begins to crumble. Kouloglou has declared his intention to take legal action against the NSO Group. His decision to go public, he says, is motivated by a desire to defend "democracy, human rights, and the fight against corruption." "Corruption concerns everybody," he emphasized. As the European Parliament continues to grapple with the fallout of this revelation, several critical questions remain unanswered: Who is the client? The international community is still waiting for a definitive answer regarding which state actor utilized the NSO Group’s tools to target a European parliamentarian. What was the objective? Was the goal to influence the findings of the PEGA report, or to identify and neutralize the committee’s sources? Will there be accountability? With the NSO Group continuing to attract investment and the European Commission remaining largely silent on the request for comment, the prospect of genuine regulatory reform remains uncertain. The incident involving Stelios Kouloglou serves as a stark reminder that in the age of digital surveillance, privacy is a privilege that is becoming increasingly difficult to defend. When the tools designed to protect national security are turned against the architects of democracy, the resulting damage is not just to individual phones, but to the trust that underpins the European political project itself. As of the time of this publication, the European Commission has declined to comment on the report, and the NSO Group has not responded to inquiries. The silence from these institutions, set against the backdrop of such a clear violation, speaks volumes about the uphill battle facing those who seek to regulate the wild west of state-sponsored cyber-surveillance. For now, the case remains an open wound, a symbol of the pervasive reach of modern spyware and the urgent need for a unified, global response to protect the sanctity of political discourse. Post navigation The Catalyst: Why TechCrunch’s Startup Battlefield Australia is the Launchpad Every Founder Needs The Dune Keypad: Can a $119 "Gumstick" Solve the Mac Productivity Puzzle?