Belgian General Intelligence and Security Service
November 6, 2025
•[ DDoS, hacktivism ]
Belgiums Defense Ministry confirmed that the website of the military intelligence service SGRS was hit by a DDoS attack claimed by pro-Russian hacktivist group NoName057, briefly degrading access to the portal without leading to any intrusion into backend systems or exposure of sensitive data; in messages on Telegram the group framed the operation as a warning to Defense Minister Theo Francken over his remarks that NATO would devastate Moscow if Russia attacked Brussels, continuing a pattern of politically motivated nuisance attacks on Belgian government and strategic targets.
Ravin Academy
October 22, 2025
•[ hacktivism, data leak, government ]
Cyber intrusion into Ravin Academy, an Iranian cybersecurity training institution linked to the Ministry of Intelligence, by a hacktivist group. The stolen data was posted online with anti-regime rhetoric, indicating an ideologically motivated protest hack.
Rosselkhoznadzor
October 22, 2025
•[ ddos, hacktivism ]
Large DDoS hit Russias food-safety agency, degrading VetIS/Mercury and Saturn services used to certify shipments; suppliers couldnt confirm deliveries and some retailers paused intake until access returned. Officials reported no data compromise, indicating a protest-driven disruption rather than theft.
Windsor International Airport
October 14, 2025
•[ hacktivism, unauthorized access, third-party breach ]
Unauthorized pro-Palestinian messages played; one Delta flight delayed; third-party cloud PA cited
(German Procurement Portal) dtvp.de
October 14, 2025
•[ ddos, hacktivism ]
Reports say pro-Russian NoName057(16) knocked Germanys tender portal offline via DDoS
Kelowna International Airport
October 14, 2025
•[ hacktivism, system intrusion ]
Pro-Palestinian messages appeared on PA/displays; brief disruption while systems isolated and restored
MAYA Systems Ltd.
October 12, 2025
•[ data leak, hacktivism, espionage ]
An Iran-linked hacktivist group known as Cyber Toufan claimed responsibility for breaching Israeli defense contractor MAYA Systems in October 2025, stealing and releasing files allegedly showing Iron Beam laser-defense system designs and other IDF technologies. Israeli authorities have not verified the authenticity of the leaked materials.
Canadian water facility
October 1, 2025
•[ hacktivism, critical infrastructure, industrial control system ]
Hacktivists tampered with water-pressure valves at a Canadian water facility, degrading water service to the local community; actions intended to draw attention to activist causes.
Undisclosed Canadian oil & gas company
October 1, 2025
•[ hacktivism, operational technology ]
Hacktivists manipulated an automated tank gauge system at a Canadian oil & gas company, triggering erroneous alarms; no injuries or physical damage reported.
Undisclosed Canadian farm
October 1, 2025
•[ Hacktivism, Sabotage, Operational Technology (OT) ]
Hacktivists manipulated temperature and humidity parameters in a grain-drying silo at a Canadian farm, creating unsafe conditions that were detected and mitigated before damage occurred.
AutoritàPortuale del Mar Ligure Occidentale and Regione Liguria
September 23, 2025
•[ DDoS, hacktivism, pro-Russian ]
On September 23, 2025, the pro-Russian hacktivist group Noname057 launched a distributed denial-of-service (DDoS) attack targeting the websites of Ligurias regional government and the Port Authority of the Western Ligurian Sea. The attack caused only partial service degradation and web slowdowns before being mitigated by Liguria Digitale and Italys cybersecurity agency. No data theft was reported.
Sewage treatment plant in Kunica
August 19, 2025
•[ industrial control systems, hacktivism, operational disruption ]
Russian hacktivists allegedly interfered with industrial control systems at the sewage treatment plant in Kunica, and publicly released video that Polish analysts assessed as showing real operational disruption.
Polish hydropower plant in Tczew in May 2025
August 19, 2025
•[ hacktivism, critical infrastructure, operational disruption ]
Russian hacktivists allegedly targeted a hydropower plant in Tczew in May 2025, but reporting suggests the facility may have been offline at the time, limiting evidence of meaningful operational disruption.
Polish hydropower plant in Tczew in August 2025
August 19, 2025
•[ hacktivism, industrial control systems, critical infrastructure ]
Russian hacktivists allegedly targeted a hydropower plant in Tczew in August 2025, releasing video evidence that Polish analysts said showed disruption to control systems and turbine operations.
Sewage treatment plant in Witków
August 19, 2025
•[ industrial control systems, hacktivism, operational disruption ]
Russian hacktivists allegedly manipulated industrial control systems at the sewage treatment plant in Witkw, with video evidence and analyst review indicating operational disruption to plant processes.
Szczytno water treatment plant
August 12, 2025
•[ hacktivism, industrial control systems, critical infrastructure ]
CyberDefence24 reported pro-Russian hacktivists published another recording on Aug. 12, 2025 from the same Polish hydroelectric plant previously referenced in early July 2025 reporting. The outlet said the new video suggested the attackers accessed the control panel while the plant was operating (generator/rotor turning and current visible) and that this represented a more serious incident than the earlier case where the plant appeared off. The report stated attackers did not appear to have full control of the infrastructure, but the incident indicates unauthorized access to industrial control interfaces and potential cyber-physical risk.
Jabłonna Lacka Water Treatment Plant
August 1, 2025
•[ industrial control systems, ICS, critical infrastructure ]
Poland's Internal Security Agency reported that attackers breached industrial control systems at multiple water treatment facilities in 2025, including Jabonna Lacka. The attackers gained access to operational systems controlling water treatment processes and in some cases obtained the ability to modify equipment operational parameters, creating a direct risk to operational continuity and public water supply. Public reporting says the August 2025 incident nearly caused a municipality to lose its water supply before authorities intervened. Polish cybersecurity reporting linked several water-facility incidents to a pro-Russian hacktivist group, but no public source identified the specific named perpetrator for the Jabonna Lacka incident.
Czech Police, Interior Ministry, and other government offices
July 31, 2025
•[ government, hacktivism ]
iRozhlas reports hackers attacked Czech police and government websites in retaliation for cooperation in Ukraine-related operations.
Aeroflot
July 28, 2025
•[ hacktivism, data leak, data destruction ]
Two hacktivist groups claim to have gained access to 122 hypervisors, 43 ZVIRT virtualization installations, approximately 100 iLO interfaces used for server management, and four Proxmox clusters. They say they exfiltrated all databases from flight history and employee workstations (including of top executives), wiretapping servers containing phone call recordings, and personnel monitoring systems. Claim to have wiped 7,000 physical and virtual servers hosting 12TB of databases, 8TB of Windows Share files, and 2TB of corporate email. Resulted in the cancellation of more than 60 flights and severe delays on additional flights.
Haskar Integration (Russian military drone supplier)
July 15, 2025
•[ data destruction, hacktivism, military ]
Ukrainian cyber operators claimed access and subsequent wiping of 47TB of technical data from Haskar Integration, a major supplier to Russian forces; backups also deleted.
