Undisclosed Canadian oil & gas company
October 1, 2025
•[ hacktivism, operational technology ]
Hacktivists manipulated an automated tank gauge system at a Canadian oil & gas company, triggering erroneous alarms; no injuries or physical damage reported.
Undisclosed Canadian farm
October 1, 2025
•[ Hacktivism, Sabotage, Operational Technology (OT) ]
Hacktivists manipulated temperature and humidity parameters in a grain-drying silo at a Canadian farm, creating unsafe conditions that were detected and mitigated before damage occurred.
AutoritàPortuale del Mar Ligure Occidentale and Regione Liguria
September 23, 2025
•[ DDoS, hacktivism, pro-Russian ]
On September 23, 2025, the pro-Russian hacktivist group Noname057 launched a distributed denial-of-service (DDoS) attack targeting the websites of Ligurias regional government and the Port Authority of the Western Ligurian Sea. The attack caused only partial service degradation and web slowdowns before being mitigated by Liguria Digitale and Italys cybersecurity agency. No data theft was reported.
Sewage treatment plant in Witków
August 19, 2025
•[ industrial control systems, hacktivism, operational disruption ]
Russian hacktivists allegedly manipulated industrial control systems at the sewage treatment plant in Witkw, with video evidence and analyst review indicating operational disruption to plant processes.
Sewage treatment plant in Kunica
August 19, 2025
•[ industrial control systems, hacktivism, operational disruption ]
Russian hacktivists allegedly interfered with industrial control systems at the sewage treatment plant in Kunica, and publicly released video that Polish analysts assessed as showing real operational disruption.
Polish hydropower plant in Tczew in May 2025
August 19, 2025
•[ hacktivism, critical infrastructure, operational disruption ]
Russian hacktivists allegedly targeted a hydropower plant in Tczew in May 2025, but reporting suggests the facility may have been offline at the time, limiting evidence of meaningful operational disruption.
Polish hydropower plant in Tczew in August 2025
August 19, 2025
•[ hacktivism, industrial control systems, critical infrastructure ]
Russian hacktivists allegedly targeted a hydropower plant in Tczew in August 2025, releasing video evidence that Polish analysts said showed disruption to control systems and turbine operations.
Szczytno water treatment plant
August 12, 2025
•[ hacktivism, industrial control systems, critical infrastructure ]
CyberDefence24 reported pro-Russian hacktivists published another recording on Aug. 12, 2025 from the same Polish hydroelectric plant previously referenced in early July 2025 reporting. The outlet said the new video suggested the attackers accessed the control panel while the plant was operating (generator/rotor turning and current visible) and that this represented a more serious incident than the earlier case where the plant appeared off. The report stated attackers did not appear to have full control of the infrastructure, but the incident indicates unauthorized access to industrial control interfaces and potential cyber-physical risk.
Czech Police, Interior Ministry, and other government offices
July 31, 2025
•[ government, hacktivism ]
iRozhlas reports hackers attacked Czech police and government websites in retaliation for cooperation in Ukraine-related operations.
Aeroflot
July 28, 2025
•[ hacktivism, data leak, data destruction ]
Two hacktivist groups claim to have gained access to 122 hypervisors, 43 ZVIRT virtualization installations, approximately 100 iLO interfaces used for server management, and four Proxmox clusters. They say they exfiltrated all databases from flight history and employee workstations (including of top executives), wiretapping servers containing phone call recordings, and personnel monitoring systems. Claim to have wiped 7,000 physical and virtual servers hosting 12TB of databases, 8TB of Windows Share files, and 2TB of corporate email. Resulted in the cancellation of more than 60 flights and severe delays on additional flights.
Haskar Integration (Russian military drone supplier)
July 15, 2025
•[ data destruction, hacktivism, military ]
Ukrainian cyber operators claimed access and subsequent wiping of 47TB of technical data from Haskar Integration, a major supplier to Russian forces; backups also deleted.
Columbia University
July 3, 2025
•[ data leak, hacktivism ]
University said a hacker with a political agenda broke into IT systems and stole targeted student data; no threat activity detected since June 24.
Netherlands National Government Web Infrastructure
June 23, 2025
•[ ddos, hacktivism, disruption ]
Pro-Russian hacktivist group NoName057(16) conducted coordinated DDoS attacks against Dutch government websites hosted on shared infrastructure ahead of the NATO summit; disrupted access to at least four major portals for several hours; no data compromise reported.
Saudi Games 2024 Registration Platform
June 22, 2025
•[ data leak, hacktivism, database breach ]
Pro-Iranian hacktivist group Cyber Fattah claimed access to the Saudi Games 2024 registration platform backend (phpMyAdmin), leaking SQL dumps with thousands of athlete and visitor recordspassport and ID scans, medical forms, IBANsand staff/government credentials as a protest against Saudi authorities.
Truth Social
June 21, 2025
•[ ddos, hacktivism, outage ]
Truth Social experienced a global outage on June 21 2025 attributed by self-identified Iran-aligned hacktivist group 313 Team to a DDoS attack; NetBlocks confirmed connectivity loss unrelated to ISP filtering; services restored within hours; no data theft confirmed.
Nobitex Cryptocurrency Exchange
June 18, 2025
•[ hacktivism, cryptocurrency, theft ]
Predatory Sparrow (pro-Israel hacktivist group) breached Irans Nobitex cryptocurrency exchange on June 18 2025, transferring roughly $90 million USD in assets to unrecoverable wallet addresses; action was intended to punish Iranian regime-linked financial infrastructure; no evidence of ransom or profit motive.
NetVision (Cellcom Israel)
June 17, 2025
•[ phishing, vulnerability exploitation, hacktivism ]
Pro-Palestinian hackers exploited a vulnerability in NetVisions legacy email infrastructure to send forged phishing messages impersonating Israeli government domains; servers used for distribution of malicious emails; no confirmed data theft or ransom demand reported.
Vice Ministry of Economy (Paraguay) et al.
June 14, 2025
•[ hacktivism, website defacement, unauthorized access ]
Hacktivist group CyberTeam launched coordinated website intrusions against Paraguayan government institutions, defacing and accessing official systems while denouncing national cybersecurity as ineffective; the Ministry of Economy confirmed limited unauthorized access but no data leak.
Multiple Thai government and news websites
June 9, 2025
•[ DDoS, hacktivism, service disruption ]
Cambodian hacktivist collective AnonSecKh launched DDoS attacks on June 9 2025 against Thai government and media websites hosted on common public-sector servers; traffic floods disrupted access to more than 20 sites for about two days before mitigation by ThaiCERT; no data theft or defacement reported.
Bharatpedia (English Version)
June 8, 2025
•[ denial of service, hacktivism ]
Bharatpedias official X account confirmed a cyberattack on June 8, 2025, that took its English site offline for several days; incident attributed to an external denial-of-service campaign consistent with hacktivist protest activity; no data compromise reported.
