Note that Pegasus only gets installed if you click on the malicious link in a text or email. If you practice good security standards and don’t click on embedded message links from suspicious messages (from a mailing list you did not subscribe to, or from someone you don’t know, or from a company you’ve never heard of, or apparently from a company you know but where the actual message header is strange, or offering some too good to be true free thing, etc, etc).
There was also a WhatsApp exploit that allowed it to be installed when you checked missed calls, but that exploit is supposedly now patched.
But the bottom line is that in order for Pegasus to even get on your own device, you have to actively do something like follow a malicious message URL.
And it’s old now, and well researched. Everybody - Apple, Google, Microsoft, WhatsApp, etc - have all patched their software to defeat installation of Pegasus.