All articles tagged with #cyberattack
Russia’s hybrid warfare appears to be escalating as cyberattacks hit about 30 energy facilities in Poland, threatening a major blackout during a cold snap and signaling broader European subversion beyond Ukraine. The incidents reportedly point to the involvement of Russia’s security services (FSB), highlighting a bold expansion of Moscow’s clandestine strikes against critical infrastructure.
CERT Polska disclosed a coordinated, destructive cyber campaign on Dec 29, 2025 that hit more than 30 wind/solar farms and a CHP plant, disrupting substation communications but not stopping electricity or heat delivery. The attackers deployed wipers (DynoWiper, LazyWiper) via compromised Fortinet devices and Active Directory, used multiple accounts with no two-factor authentication, and leveraged Tor/IPs to access energy networks, with several variants and likely LLM involvement; data was also exfiltrated from OT/cloud services. Attribution to Static Tundra tied to Russia's FSB is stated by CERT Polska, though some researchers link activity to Sandworm.
Poland’s electric grid was targeted by a new wiper malware, allegedly from Russia’s Sandworm group, on the late-December anniversary of a Ukraine grid attack. The payload, dubbed DynoWiper, aimed to disrupt communications between renewables and grid operators but did not cause a blackout. Attribution is at medium confidence and researchers say there’s no evidence of disruption, with several possible reasons the attack failed.
Verizon says a January 2026 nationwide outage that left many customers in SOS mode was caused by a software issue rather than a cyberattack; while the company hasn’t disclosed specifics, analysts speculate a faulty feature update. The disruption affected major cities, hindered emergency calls and GPS, and disrupted healthcare communications; Verizon is conducting a full review, with NY Assembly member Anil Beephan Jr. urging FCC scrutiny. A $20 account credit via the MyVerizon app has been offered to affected customers.
Verizon has confirmed that its nationwide outage was caused by a software issue rather than a cyberattack, and the company will credit affected customers $20 as it conducts a full review of what happened.
Rainbow Six Siege is experiencing another security issue, possibly a cyberattack, leading to outages and ongoing investigations by Ubisoft, who previously had to shut down the game due to attackers taking control.
Cybersecurity researchers uncovered a targeted spear-phishing campaign using 27 malicious npm packages to host browser-based phishing lures mimicking document-sharing portals and Microsoft sign-in pages, primarily targeting organizations in critical infrastructure sectors across multiple countries. The campaign leverages package CDNs for resilient hosting, employs anti-analysis techniques, and hard-codes specific email addresses, with the goal of stealing login credentials. The activity highlights ongoing threats in the software supply chain, emphasizing the need for stringent dependency verification and monitoring.
Shares of Coupang rose about 9% after the company announced it had resolved a cyberattack that exposed limited building entrance codes and some user data, but no payment or login information was compromised, and the hacker was identified as a former employee.
A pro-Russian hacking group claimed responsibility for a DDoS cyberattack that disrupted France's postal service just before Christmas, affecting package deliveries and online banking, as part of broader hybrid warfare efforts against Western countries supporting Ukraine.
Kuaishou, a major Chinese short-video platform, was hit by a cyberattack involving AI that flooded it with porn and violent videos, leading to platform disruptions and raising concerns about cybersecurity and content regulation in China.
A major cyberattack, likely a DDoS, disrupted France's postal service and banking operations just days before Christmas, causing delays and service outages amid ongoing concerns about cyber warfare involving Russia and other foreign actors.
France's postal service and banking division, La Poste and La Banque Postale, were hit by a suspected DDoS cyberattack during the Christmas period, disrupting package deliveries and online banking services. The incident follows previous attacks on La Poste and recent cyber breaches involving France's government and a suspected international ferry hacking plot, highlighting ongoing concerns about cyber threats and foreign interference in France.
A suspected cyberattack involving a DDoS incident disrupted France's La Poste postal service and La Banque Postale banking during the Christmas season, causing delays in mail delivery and online banking services, though customer data remained unaffected.
Denmark publicly blames Russia for cyberattacks in 2024 and 2025 targeting a water utility and government websites, linked to pro-Russian hacking groups, as part of Russia's broader hybrid warfare against the West, causing limited damage but highlighting vulnerabilities in critical infrastructure.
Denmark accuses Russia of orchestrating two major cyber-attacks, including a water utility hack and DDoS attacks targeting Danish websites, as part of a broader hybrid war effort to undermine Western support for Ukraine, with evidence linking pro-Russian groups to the Russian state.