BadeSaba
February 28, 2026
•[ hacking, hacktivism, propaganda ]
BadeSaba, a religious calendar app with more than 5 million downloads, was hacked to display anti-regime messages to users. The compromised app showed propaganda urging armed forces to surrender and join the people.
IRNA
February 28, 2026
•[ hacktivism, website defacement, political messaging ]
IRNA was hacked to display political messages during the same campaign that affected BadeSaba. Reporting says multiple Iranian news websites were compromised, and this row captures IRNA as one named victim.
Roskomnadzor
February 27, 2026
•[ DDoS attack, multi-vector attack, traffic scrubbing ]
A multi-vector DDoS attack targeted Roskomnadzor online resources. Traffic peaked at 33 Gbps and 36.9 million packets per second before malicious traffic was redirected to scrubbing servers and access was restored.
Ministry of Defence of the Russian Federation
February 27, 2026
•[ DDoS attack, multi-vector attack, cyber attack ]
A multi-vector DDoS attack targeted online resources associated with the Russian Ministry of Defense. Traffic peaked at 33 Gbps and 36.9 million packets per second before mitigation restored access.
Federal State Unitary Enterprise Main Radio Frequency Center
February 27, 2026
•[ DDoS attack, network infrastructure, cyber security ]
A multi-vector DDoS attack targeted infrastructure operated by the Main Radio Frequency Center. Traffic peaked at 33 Gbps and 36.9 million packets per second before malicious traffic was redirected to scrubbing servers and access was restored.
Wilhelmsen Ship Management (Norway) AS
February 27, 2026
•[ ransomware, data leak, operational disruption ]
A ransomware incident affected systems on a single Wilhelmsen-managed ship and disrupted that vessels operations. Later reporting said passport and next-of-kin information relating to personnel on that ship was also compromised.
Dienst Justitiële Inrichtingen
February 27, 2026
•[ data leak, vulnerability exploit, internal network access ]
Hackers exploited an Ivanti Endpoint Manager Mobile flaw to access the internal network of the Dutch prisons agency and view staff contact details and security certificates; they also gained access to phones, tablets, and laptops.
Mexico City Civil Registry
February 26, 2026
•[ data leak, unauthorized access, exfiltration ]
Attackers gained unauthorized access to Mexican government civil registry databases and exfiltrated sensitive records. Stolen data reportedly includes birth certificate information and national identification numbers from Mexico Citys civil registry.
Monterrey Water Utility
February 26, 2026
•[ unauthorized access, data leak, billing information ]
Attackers gained unauthorized access to Monterreys municipal water utility databases and stole internal and customer records. The exposed data reportedly includes billing and account information linked to utility customers.
Mexico Tax Authority
February 26, 2026
•[ data leak, unauthorized access, government ]
Attackers accessed Mexican tax authority systems and exfiltrated taxpayer information. The compromised data reportedly includes tax records and taxpayer identification details.
Michoacán State Government
February 26, 2026
•[ data breach, citizen identification data, government registry records ]
Attackers accessed databases belonging to the Michoacn state government and stole sensitive administrative records. The compromised information reportedly includes citizen identification data and government registry records.
Tamaulipas State Government
February 26, 2026
•[ data leak, citizen records, government registry information ]
Attackers accessed databases belonging to the Tamaulipas state government and exfiltrated sensitive citizen records. The stolen data reportedly includes government registry information and personal identification numbers.
National Tax Service Korea
February 26, 2026
•[ data leak, cryptocurrency, seed phrase exposure ]
South Koreas National Tax Service accidentally published a hardware wallet recovery phrase in a press photo announcing seized assets. An unknown attacker used the exposed seed phrase to transfer roughly $4.8 million in cryptocurrency from the wallet.
Centre for Information Technologies of the State (CTIE)
February 26, 2026
•[ malware, data leak, government ]
CTIE detected malware on a system used to manage government mobile-device access and later said an external actor accessed device-holder information and device characteristics. The temporary loss of mobile access to internal state services resulted from CTIE isolating the affected system as a precaution.
Ngong Ping 360
February 26, 2026
•[ ransomware, data breach, internal network compromise ]
Ngong Ping 360 said an attacker stole personal data from its internal network and made a ransom demand. The company said the affected network was separate from cable car operations and electronic payment systems.
KomikoAI
February 25, 2026
•[ data breach, PII, AI prompts ]
In February, the AI-powered comic generation platform KomikoAI suffered a data breach. The incident exposed 1M unique email addresses along with names, user posts and the AI prompts used to generate content. The exposed data enables the mapping of individual AI prompts to specific email addresses.
Lovora
February 25, 2026
•[ data breach, personal information, email addresses ]
In February 2026, the couples and relationship app Lovora allegedly suffered a data breach that exposed 496k unique email addresses. The data also included users display names and profile photos, along with other personal information collected through use of the app. The apps maker, Plantake, did not respond to multiple attempts to contact them about the incident.
Clalit Health Services
February 25, 2026
•[ data leak, healthcare breach, cyber attack ]
Handala claimed it breached Clalit Health Services and published patient files and internal documents online; Clalit said it was investigating the incident and that systems were operating normally.
YES Bank / BookMyForex
February 24, 2026
•[ financial fraud, unauthorized transactions, prepaid forex card breach ]
Attackers used compromised YES Bank and BookMyForex prepaid forex card details to conduct unauthorized USD-BRL transactions at multiple merchants. Roughly 5000 customers were affected and about $280000 in fraudulent transactions were processed before the activity was blocked.
LexisNexis Legal & Professional
February 24, 2026
•[ data leak, cloud security breach, vulnerability exploitation ]
FulcrumSec breached LexisNexis Legal & Professional AWS infrastructure through a vulnerable React container and exfiltrated company and customer data. The stolen dataset includes millions of database records and customer account information.
