X (Formerly Twitter)
March 10, 2025
•[ DDoS, service disruption, hacktivism ]
Social media platform X (formerly Twitter) suffered a massive cyberattack involving a large-scale DDoS assault that caused worldwide outages and service disruptions. The company activated additional defenses through Cloudflare to mitigate the impact. The hacktivist group Dark Storm claimed responsibility for the attack, while Elon Musk suggested possible involvement of state-sponsored actors after attack traffic was traced to IPs originating from Ukraine a claim the group denied. The disruption temporarily affected user access and platform functionality, marking one of the largest attacks against X since its rebranding.
French Institutional Websites
February 28, 2025
•[ ddos, hacktivism ]
Pro-Russian group launched coordinated ddos waves against multiple French targets.
Leonardo S.p.A.
February 21, 2025
•[ ddos, hacktivism ]
Pro-Russian hacktivist group NoName057(16) launched DDoS attacks against multiple Italian entities; on Feb 21, 2025 (Day 5) several sites including Leonardo and Edison were unreachable. ACN provided support and mitigation guidance; no data theft reported.
Italian Banks
February 21, 2025
•[ ddos, hacktivism ]
ProRussia hacktivist group NoName057 launched DDoS attacks against Italian banks (Mediobanca, Nexi, Intesa, Monte dei Paschi) in retaliation for statements by the Italian president; no significant disruption according to national cybersecurity agency
CarMoney
February 21, 2025
•[ hacktivism, data leak, unverified ]
On February 21 2025, the hacktivist group Ukrainian Cyber Alliance claimed responsibility for a cyberattack on Russian vehicle-loan firm CarMoney. The group stated it destroyed digital infrastructure and exfiltrated terabytes of borrower data, including information tied to Russian military and intelligence officers. CarMoney confirmed shutting down all systems but denied any personal data compromise. No encryption or verified data leak has been independently confirmed.
Ministry for Enterprise and “Made in Italy”
February 18, 2025
•[ ddos, hacktivism, government ]
Pro-Russian hacktivist group NoName057(16) claimed coordinated DDoS attacks against Italian ministries and companies, causing brief service disruptions but no data compromise; politically motivated; mitigated by authorities over several days.
Multiple companies in Italy
February 18, 2025
•[ ddos, hacktivism ]
Attack by proRussian hackers Noname057 via DDoS on ~20 important Italian web portals, politically motivated.
Transport Authority
February 17, 2025
•[ ddos, hacktivism, service disruption ]
On February 17, 2025, hacktivist group NoName05716 launched a DDoS attack on Italys Transport Authority, causing temporary service slowdowns. The attack was part of a broader campaign targeting Italian institutions in retaliation for political statements by President Sergio Mattarella.
Port of Taranto
February 17, 2025
•[ ddos, hacktivism ]
On February 17, 2025, hacktivist group NoName05716 launched a DDoS attack on the Port of Taranto in Italy, causing temporary disruptions. The attack was part of a broader campaign targeting Italian institutions in retaliation for political statements by President Sergio Mattarella.
Malpensa Airport
February 17, 2025
•[ ddos, hacktivism ]
On February 17, 2025, hacktivist group NoName05716 launched a DDoS attack on Malpensa Airport in Italy, causing temporary slowdowns. The attack was part of a broader campaign targeting Italian institutions in retaliation for political statements by President Sergio Mattarella.
Linate Airport
February 17, 2025
•[ ddos, hacktivism ]
On February 17, 2025, hacktivist group NoName05716 launched a DDoS attack on Linate Airport in Italy, causing temporary slowdowns. The attack was part of a broader campaign targeting Italian institutions in retaliation for political statements by President Sergio Mattarella.
Port of Trieste
February 17, 2025
•[ ddos, hacktivism, government ]
On February 17, 2025, hacktivist group NoName05716 launched a DDoS attack on the Port of Trieste in Italy, causing temporary disruptions. The attack was part of a broader campaign targeting Italian institutions in retaliation for political statements by President Sergio Mattarella.
~14 undisclosed Italian air transport and banking websites
February 17, 2025
•[ ddos, hacktivism ]
According to Italian press (Finance.si, Reuters), pro-Russian hacktivist group NoName057(16) conducted coordinated DDoS attacks against Italian institutions on February 17, 2025. While six named victims were identified (Malpensa, Linate, Transport Authority, Port of Taranto, Port of Trieste, Intesa Sanpaolo), reports indicate approximately 20 total websites were targeted. This record represents ~14 additional undisclosed Italian websites that experienced partial disruption.
Presidency Of The Italian Republic (Quirinale)
February 17, 2025
•[ ddos, hacktivism ]
Pro-Russian group conducted coordinated Ddos against Italian institutional websites including Quirinale.
Philippine Charity Sweepstakes Office (PCSO)
February 13, 2025
•[ data leak, hacktivism, government ]
Hacktivist group Philippine Exodus Security claimed responsibility for exfiltrating approximately 100 GB of data from PCSO branch office email accounts in February 2025. While PCSO denied a central database breach, DICT confirmed that unauthorized access to email systems occurred. The group stated its goal was to expose alleged corruption, not to extort funds.
Israel Police
February 9, 2025
•[ data leak, hacktivism, third-party compromise ]
Hacktivist group Handala claimed to have breached Israel Police systems and exfiltrated 2.1 TB of data containing 350,000 documents with officer information, weapon licenses, and case files. Authorities denied direct network infiltration and suggested a third-party vendor compromise.
News.bg and other Bulgarian media outlets
February 2, 2025
•[ denial of service, hacktivism ]
Massive SSL-based distributed denial-of-service (DDoS) attacks targeted News.bg and several other Bulgarian media websites beginning on February 2, 2025. The attacks, described as large-scale and difficult to trace, disrupted access for several days until at least February 6, 2025. Mitigation involved blocking international traffic. Attribution remains undetermined; motive appears protest-related.
Water Treatment Plant at Madyty
January 28, 2025
•[ unauthorized access, ICS/SCADA, critical infrastructure ]
CyberDefence24 reported that a pro-Russian Telegram group posted videos between Jan 2830, 2025 showing unauthorized access to interfaces for three Polish water treatment plants (SUW) in Tolkmicko, Madyty, and Sierakowo. The recordings showed attackers setting multiple parameters to maximum values, disabling selected device functions, and changing device PINs (including 1488). The article stated none of the plants reported problems at the time and noted the activity appeared propaganda-oriented, with no confirmed impact on critical infrastructure operations.
Zürcher Kantonalbank (ZKB)
January 21, 2025
•[ DDoS attack, NoName, WEF ]
Erneut hat die Hackergruppe NoName aus Russland eine Reihe von Schweizer Websites mit DDoS-Attacken lahmgelegt. Der Zeitpunkt der Angriffe hat wohl vor allem mit der Durchfhrung des WEF zu tun.
City of Trier's website
January 8, 2025
•[ DDoS, hacktivism, availability attack ]
Open reporting described the municipal website for the City of Trier as being targeted by a pro-Russian hacktivist group in an availability attack, consistent with a DDoS campaign. The reporting linked the activity to NoName057(16), a group frequently associated with politically motivated denial-of-service actions against public-sector entities. The incident was characterized as a disruption of access to the public-facing website rather than a confirmed data theft. Specific metrics such as downtime length, traffic volume, and whether any internal systems were affected were not confirmed in the accessible sources used here.
