A European politician investigating the spyware industry had his phone compromised with Pegasus spyware, deployed by a government customer of NSO Group while he served on an EU committee examining the company.
The breach represents a stark irony: a lawmaker actively scrutinizing abuses of surveillance technology became a target of the exact tool under investigation.
The incident underscores ongoing concerns about NSO Group's Pegasus spyware, which has been used by government agencies worldwide to infiltrate phones of journalists, activists, and political figures. The targeting of the investigator reveals how surveillance tools designed for security purposes have been weaponized against oversight mechanisms.
NSO Group, an Israeli cybersecurity firm, markets Pegasus as a tool for combating terrorism and serious crime. However, investigations by journalists and human rights organizations have documented widespread misuse, including surveillance of individuals with no connection to criminal activity.
The EU has increased pressure on NSO Group following multiple revelations about Pegasus deployments. Various member states have faced public criticism over their use of the spyware, and EU officials have called for stricter regulations on surveillance technology exports.
The politician's phone compromise is particularly significant given the committee's role in examining the spyware industry. Such targeting of oversight officials raises questions about whether governments are using surveillance tools to intimidate or monitor those investigating them.
NSO Group has previously acknowledged that its tools can be misused by customers but maintains responsibility lies with governments purchasing the software. The company claims it has mechanisms to prevent abuse, though critics argue these safeguards are inadequate.
This incident adds pressure on EU policymakers to strengthen regulations around surveillance technology sales and use within the bloc. It also highlights the vulnerability of high-profile targets, even those with security awareness and resources.
SAP released security updates for 16 vulnerabilities in July 2026, including three critical flaws affecting NetWeaver, Commerce Cloud, and AppRouter. The patches address risks across multiple enterprise software components.
Two newly discovered phishing kits, Jalisco and OmegaLord, are actively targeting Microsoft 365 accounts with techniques designed to circumvent multi-factor authentication protections.
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against American organizations. The action targets infrastructure providers facilitating cyber threats.
As scam calls and messages proliferate, ordinary people are turning the tables on fraudsters through scambaiting—deliberately engaging scammers to waste their time and resources.