Local entities in the Cayman Islands (malicious PDF campaign)
February 19, 2026
•[ phishing, malware, email security ]
RCIPS warned that a malicious PDF was being sent to local entities from a compromised email address. The PDF contained a VIEW PDF link that, when clicked, installs malware; authorities stated they were already aware of some local systems being compromised because recipients clicked the embedded link. The public advisory provided guidance to treat unexpected PDFs as suspicious, avoid clicking the embedded link, and report incidents.
Undisclosed contractor supporting National Bank of Ukraine numismatic online store
February 19, 2026
•[ data leak, supply chain attack, cyberattack ]
Attackers breached an undisclosed contractor supporting the National Bank of Ukraine's numismatic online store, potentially exposing customer registration and delivery data; the online store was temporarily taken offline while the incident was investigated.
UFP Technologies
February 14, 2026
•[ unauthorized access, data theft, operational disruption ]
UFP Technologies disclosed that threat actors gained unauthorized access to its IT systems around February 14, 2026, disrupting billing and delivery label generation and resulting in the theft or destruction of company or company-related data.
Deutsche Bahn
February 13, 2026
•[ denial-of-service, DDoS, service outage ]
German reporting relayed statements attributed to Germany's BSI leadership describing a massive cyberattack against Deutsche Bahn that overwhelmed systems with exceptionally high request volumes and caused outages to services such as booking. The report characterized the attack as unusually large in scale, consistent with a major denial-of-service event impacting digital service availability. The reporting accessible here does not describe data theft; the primary effect is disruption to online service functionality due to traffic overload.
Werkstatt Bremen
February 12, 2026
•[ ransomware, cyberattack ]
Following a cyberattack on a municipal company in Bremen, the IT systems of the police evidence unit were also affected. The public prosecutor's office is investigating, a spokesperson said, confirming reports from Radio Bremen and the "Weser Kurier." The attack involved ransomware.
LIGA.net
February 12, 2026
•[ DDoS, intrusion attempts, vulnerability probing ]
Ukrainian outlet LIGA.net reported it was experiencing massive DDoS attacks and ongoing intrusion attempts for five days. The organization said attacks originated primarily from China, Russia, and Vietnam and that attackers were systematically probing for vulnerabilities to access internal site management systems. LIGA.net stated no unauthorized access to internal systems occurred and that readers might encounter additional verification steps or temporary difficulty accessing the site due to heightened defenses.
Gyrovague.com blog
February 10, 2026
•[ DDoS, Denial of Service, malicious script ]
Cybernews reported that Archive.today (archive.ph / archive.is mirrors) embedded a hidden script that turns visitors into participants in a DDoS attack against the Finnish travel blogger site Gyrovague.com. The script is triggered while visitors solve a CAPTCHA and repeatedly hits Gyrovague's search function with randomized requests to defeat caching and increase resource load. The article frames the attack as a personal vendetta tied to a prior OSINT/doxxing blog post about Archive.today's operator, and notes the operator acknowledged the DDoS and issued additional threats. This is coded as a confirmed disruptive denial-of-service action targeting the blogger's site availability/performance.
York City
February 10, 2026
•[ ransomware, cyberattack, ransom payment ]
Reporting summarized in secondary coverage stated that York City's cyberattack (described as a major incident that crippled the city's digital infrastructure) led to a $500,000 ransom payment made by the city's insurance company to overseas hackers, according to a former mayor. The report described the payment as roughly half of the initial demand and framed it as necessary to regain control of systems.
Air Cote d'Ivoire
February 8, 2026
•[ cyberattack, data leak, sensitive files ]
Air Côte d'Ivoire confirmed that a cyberattack on February 8, 2026 affected parts of its information system and involved the illegal extraction of sensitive files, prompting business continuity measures and technical support for flights and other operations.
Spain's Ministry of Science (Ministerio de Ciencia)
February 5, 2026
•[ cyberattack, data leak, IDOR vulnerability ]
Spain's Ministry of Science partially shut down IT systems and suspended ongoing administrative procedures following what it called a technical incident, later reported by Spanish media as related to a cyberattack. A threat actor using the alias GordonFreeman claimed responsibility, posted samples, and offered allegedly stolen ministry data for sale. The attacker claimed an IDOR vulnerability enabled credential access and full admin-level access, but BleepingComputer noted it could not independently confirm all claims. The confirmed impact is significant service disruption for citizen/company-facing procedures, with credible indications of data compromise based on posted samples.
University of La Sapienza
February 5, 2026
•[ cyberattack, operational disruption, network shutdown ]
La Sapienza University in Rome reported that its IT infrastructure was targeted by a cyberattack that caused widespread operational disruption. The university announced it ordered an immediate shutdown of network systems as a precaution to protect data integrity and security, and formed a technical task force while notifying authorities. As of the report, the university's website remained offline and ongoing status updates indicated continued recovery work. Public reporting did not confirm data theft; the primary documented effect is the deliberate shutdown and resulting loss of availability for key university network services.
Conpet
February 4, 2026
•[ cyberattack, ransomware, data breach ]
Romania's national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier in the week, while operational technology systems (including SCADA and telecoms) remained functional and oil transport operations were not affected. Conpet did not confirm a data breach or name the attacker, but the Qilin ransomware group listed Conpet on its leak site and claimed to have stolen nearly one terabyte of data, publishing images of alleged internal documents, financial records, and passport scans. Conpet said it took immediate mitigation steps, worked with national cybersecurity authorities, and filed a criminal complaint.
Senegal's Directorate of File Automation (DAF)
February 3, 2026
•[ ransomware, cyberattack, operational disruption ]
The Record reported that Senegal confirmed a cybersecurity incident affecting its Directorate of File Automation (DAF), an office managing sensitive identity information such as national ID cards, passports, and other biometric data. DAF issued a public notice warning residents that the cyberattack forced the temporary suspension of the office's operations. The article noted the breach became public after ransomware claims, but it did not confirm in the government notice that biometric or identity records were exfiltrated; the confirmed primary effect in the report is operational disruption via suspension/closure of the office's services.
Olympique de Marseille
February 1, 2026
•[ cyberattack, data leak, data breach ]
Olympique de Marseille confirmed a cyberattack after a threat actor claimed to have breached club systems earlier in February and leaked samples of staff and supporter data online.
European Commission
January 30, 2026
•[ cyberattack, data leak, vulnerability exploitation ]
The European Commission disclosed it detected traces of a cyberattack on January 30, 2026 targeting its central infrastructure used to manage staff mobile devices. The Commission said the incident may have resulted in access to staff names and mobile phone numbers for some employees, but it had not found evidence that managed mobile devices themselves were compromised. The Commission stated its response contained and cleaned the system within nine hours. The article notes the Commission did not disclose the initial access method, but the incident appeared linked to attacks exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).
City of New Britain
January 28, 2026
•[ ransomware, cyberattack, infrastructure disruption ]
City of New Britain municipal systems were taken offline following a ransomware attack that disrupted internal networks and communications, prompting coordination with federal and state authorities to restore services.
Euroxx Securities S.A.
January 27, 2026
•[ cyberattack, defensive shutdown, system shutdown ]
Cyberattack on Euroxx prompted a defensive system shutdown; no disruption or data loss confirmed.
Concello de Sanxenxo (Spanish Municipality)
January 26, 2026
•[ ransomware, data encryption, bitcoin ]
A ransomware attack encrypted thousands of administrative documents at the Concello de Sanxenxo, prompting a $5,000 Bitcoin ransom demand. The city refused to pay and is restoring systems from backups; the incident disrupted internal municipal operations and required a formal complaint to the Guardia Civil.
Vladimir Bread Factory
January 26, 2026
•[ cyberattack, operational disruption, delivery disruption ]
A cyberattack knocked offline internal digital systems at a Russian bread factory, disrupting order processing and deliveries while production lines continued operating.
Delta (Russian Security and Alarm Services Company)
January 26, 2026
•[ cyberattack, service disruption, state-sponsored attack ]
A cyberattack attributed to a hostile foreign state disrupted Delta's alarm and vehicle services for thousands of users. No customer data compromise confirmed.