Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds

Security Affairs
Actively Exploited

Overview

Stelios Kouloglou, a former Member of the European Parliament, was targeted with Pegasus spyware while investigating its use in surveillance. This revelation comes from a report by Citizen Lab, which documented multiple instances of the spyware infecting Kouloglou's devices during his tenure. The irony of a lawmaker probing into the misuse of such technology becoming a victim himself underscores serious concerns about privacy and the misuse of surveillance tools. This incident raises significant questions about the accountability of companies like NSO Group and the implications for individuals involved in political and human rights advocacy. The findings serve as a stark reminder of the potential risks faced by those investigating or opposing powerful surveillance technologies.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Pegasus spyware from NSO Group
  • Timeline: Newly disclosed

Original Article Summary

A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The Citizen Lab published a report documenting one of the more darkly ironic findings in recent surveillance research: former Member of the European Parliament Stelios Kouloglou was repeatedly infected with NSO Group‘s Pegasus spyware while serving on the […]

Impact

Pegasus spyware from NSO Group

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Coverage

U.S. Government Agency Paid $1M to Data Extortion Group Kairos

Security Affairs

A U.S. government agency has reportedly paid $1 million to the data extortion group Kairos, according to a case study by Ransom-ISAC. This incident marks a significant shift in the tactics employed by cybercriminals, as Kairos focuses on stealing data and extorting victims instead of traditional ransomware attacks. The case study reconstructed the negotiation process using a leaked transcript and blockchain analysis to trace the ransom payment. This situation raises concerns about the security of government data and the lengths to which agencies may go to recover sensitive information. The payment also highlights the growing threat of data extortion, which can have serious implications for public trust and national security.

Jul 4, 2026

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

The Hacker News

A U.S. government entity has reportedly paid around $1 million to a group named Kairos to prevent the release of stolen data. This situation arose from a data theft incident where sensitive files were taken, and negotiations revealed the payment through leaked chat logs and blockchain tracking. Interestingly, it appears that Kairos may not operate like traditional ransomware groups, as there is no evidence of them locking files or demanding ransom in the typical sense. This incident raises concerns about how government entities handle data breaches and the potential for attackers to exploit these situations for financial gain. The event reflects the growing challenge of data protection in the public sector and the lengths to which organizations may go to safeguard sensitive information.

Jul 4, 2026

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

The Hacker News

A new cyber threat group called Armored Likho has been linked to attacks against government agencies and the electric power sector in Russia, Brazil, and Kazakhstan. Researchers from Kaspersky report that this group combines financially motivated schemes targeting individuals with cyber espionage aimed at organizations. The BusySnake Stealer malware is being used in these operations, which raises concerns about the potential for sensitive data breaches. The targeting of critical infrastructure like power sectors is particularly alarming, as it can have severe implications for national security and public safety. Organizations in affected regions should bolster their cybersecurity measures to defend against these types of attacks.

Jul 3, 2026

Flock Cameras Can Surveil Cars Without License Plates

Schneier on Security

Flock Safety, a surveillance camera company, has introduced a new feature that allows law enforcement to identify vehicles even when they lack visible license plates. This system, referred to as a ‘Vehicle Fingerprint’, collects data on a vehicle’s decals, bumper stickers, and other unique identifiers, enabling officers to gather more information without complete plate details. Additionally, the technology supports a 'multi geo search', helping police track multiple vehicles believed to be traveling together. This development raises concerns about privacy and the extent of surveillance capabilities available to law enforcement, as it could lead to increased monitoring of individuals who are not necessarily under investigation. As law enforcement agencies adopt these technologies, the implications for civil liberties and personal privacy will be significant.

Jul 3, 2026

Agentic AI Used to Conduct Ransomware Attack via Langflow

SecurityWeek

Recent research has shown that attackers are using advanced AI tools, specifically Agentic AI via Langflow, to conduct sophisticated ransomware attacks. This method allows them to automate complex intrusions by combining known exploitation techniques with real-time reasoning. The implications of this development are significant; it suggests that cybercriminals can now execute multi-stage attacks with greater efficiency and less human oversight. Organizations need to be aware of these evolving tactics and bolster their defenses against such automated threats to protect sensitive data and infrastructure. As AI technology becomes more accessible, the risk of automated attacks may increase, making it crucial for companies to stay vigilant.

Jul 3, 2026

Medtronic Data Breach Impacts 3.8 Million People

SecurityWeek

In April, the hacker group ShinyHunters breached Medtronic's corporate IT systems, compromising the personal and medical information of approximately 3.8 million individuals. This incident raises serious concerns about patient privacy and data security, as sensitive information could potentially be used for identity theft or fraud. Medtronic has not disclosed the specific types of data accessed, but given the nature of the breach, it likely includes critical health-related details. The event serves as a stark reminder of the vulnerabilities that exist within healthcare systems and the ongoing threat posed by cybercriminals. Organizations in the healthcare sector need to bolster their defenses to protect sensitive patient data from similar attacks in the future.

Jul 3, 2026