Campaigns
32 ongoing and historical cyber campaigns tracked
| ID | Title | Start Date | Severity | Attack Type | Status |
|---|---|---|---|---|---|
| TP-CAMP-2026-0350 | World Cup 2026 Ticket and Brand Impersonation Scam Campaign | 5/27/2026 | high | Phishing / Brand Impersonation | Ongoing |
| TP-CAMP-2026-0010 | Megalodon Supply-Chain Intrusion Campaign in GitHub and npm | 5/18/2026 | high | Software Supply Chain Compromise / CI Workflow Hijack | Concluded |
| TP-CAMP-2026-0330 | Ghost CMS FakeCaptcha Campaign Exploiting CVE-2026-26980 | 5/7/2026 | high | Supply Chain Hijacking / FakeCaptcha Malware Delivery | Ongoing |
| TP-CAMP-2026-0349 | Operation Dragon Whistle UNG0002 Spear-Phishing Campaign | 4/28/2026 | medium | Spear-phishing | Concluded |
| TP-CAMP-2026-0002 | DragonForce Multi-Sector Extortion Campaign - April 2026 | 4/1/2026 | high | Ransomware / Double Extortion | Concluded |
| TP-CAMP-2026-0007 | Gray Sandstorm Microsoft 365 Password-Spray Campaign Targeting Middle East Cloud Environments 2026 | 3/1/2026 | high | Credential Access / Cloud Compromise | Ongoing |
| TP-CAMP-2026-0003 | TeamPCP Multi-Ecosystem Supply Chain Campaign | 2/27/2026 | critical | Supply Chain Compromise | Concluded |
| TP-CAMP-2026-0001 | Microsoft 365 Device Code Phishing Campaign | 2/18/2026 | high | Phishing / Cloud Account Takeover | Concluded |
| TP-CAMP-2026-0009 | Seedworm Cyber-Espionage Campaign Targeting South Korean Electronics and Global Organizations, 2026 | 2/1/2026 | high | Cyber Espionage | Ongoing |
| TP-CAMP-2026-0005 | Operation TrueChaos: TrueConf Supply Chain Pivot | 1/15/2026 | critical | Zero-Day Supply Chain / Espionage | Concluded |
| TP-CAMP-2026-0006 | Russian Intelligence Services Signal and WhatsApp Account Compromise Campaign | 1/1/2026 | high | Social Engineering / Account Hijacking | Ongoing |
| TP-CAMP-2025-0001 | FrostArmada SOHO Router DNS Hijacking Campaign | 5/19/2025 | high | DNS Hijacking / Adversary-in-the-Middle Espionage | Concluded |
| TP-CAMP-2026-0008 | China-Nexus Covert Proxy Networks Campaign | 1/1/2024 | high | Covert Proxy Infrastructure / Botnet Routing | Ongoing |
| TP-CAMP-2024-0001 | Salt Typhoon U.S. Telecommunications Intrusion Campaign | 1/1/2024 | critical | Espionage / Communications Interception | Ongoing |
| TP-CAMP-2023-0001 | CyberAv3ngers IRGC ICS and Water Sector Targeting Campaign | 10/1/2023 | high | ICS Exploitation / Default Credential Abuse | Concluded |
| TP-CAMP-2024-0002 | Midnight Blizzard SVR Cloud Credential and Spear-Phishing Campaign 2024 | 10/1/2023 | critical | Credential Theft / Cloud Access | Concluded |
| TP-CAMP-2023-0002 | Lazarus Group Operation SmoothOperator — 3CX Software Supply Chain Compromise | 3/1/2023 | critical | Software Supply Chain Attack | Concluded |
| TP-CAMP-2026-0348 | Red Lamassu Showboat Telecom Intrusion Campaign (2022-2026) | 6/1/2022 | high | Malware / Cyberespionage | Concluded |
| TP-CAMP-2022-0001 | Lazarus Group Ronin Bridge Cryptocurrency Heist (2022) | 3/23/2022 | critical | Cryptocurrency Theft via Validator Key Compromise | Concluded |
| TP-CAMP-2021-0001 | HAFNIUM Exchange Server Exploitation Campaign | 1/1/2021 | critical | Zero-Day Exploitation / Web Shell Persistence | Concluded |
| TP-CAMP-2020-0002 | LockBit Global Ransomware-as-a-Service Campaign and Operation Cronos | 1/1/2020 | critical | Ransomware-as-a-Service | Concluded |
| TP-CAMP-2020-0001 | SolarWinds Supply Chain Espionage Campaign | 10/1/2019 | critical | Supply Chain Compromise / Espionage | Concluded |
| TP-CAMP-2019-0001 | Operation Triangulation iOS Spyware Campaign | 1/1/2019 | high | Mobile Spyware / Zero-Click Exploitation | Concluded |
| TP-CAMP-2018-0001 | AppleJeus DPRK Cryptocurrency Targeting Campaign | 8/1/2018 | high | Trojanized Cryptocurrency Application / Financial Theft | Concluded |
| TP-CAMP-2017-0002 | NotPetya Destructive Campaign: Sandworm Global Wiper Operation (2017) | 6/27/2017 | critical | Destructive Wiper / Supply Chain Compromise | Concluded |
| TP-CAMP-2017-0001 | WannaCry Ransomware Campaign: Global Lazarus Group Worm Operation (2017) | 5/12/2017 | critical | Ransomware / Self-Propagating Worm via SMB Exploitation | Concluded |
| TP-CAMP-2016-0001 | Operation Cloud Hopper: APT10 Managed Service Provider Espionage Campaign | 1/1/2016 | high | Cyber Espionage via MSP Pivot | Concluded |
| TP-CAMP-2015-0001 | Sandworm Ukraine Power Grid Attacks Campaign | 12/23/2015 | critical | Sabotage | Concluded |
| TP-CAMP-2013-0001 | Carbanak Banking Campaign: Multi-Year Financial Institution Operations | 1/1/2013 | critical | Financial Cybercrime / ATM Cashout and Fraudulent Bank Transfer | Concluded |
| TP-CAMP-2009-0001 | Operation Aurora Espionage Campaign | 6/1/2009 | critical | Espionage | Concluded |
| TP-CAMP-2003-0001 | Titan Rain | 1/1/2003 | high | Cyber Espionage | Concluded |
| TP-CAMP-1996-0001 | Moonlight Maze U.S. Government Espionage Campaign | 1/1/1996 | high | Espionage | Concluded |