Incident Reports
103 cybersecurity incidents tracked

| ID | Title | Date | Severity | Attack Type | Threat Actor | Status |
|---|---|---|---|---|---|---|
| TP-2026-0334 | Dutch Police and NCSC Disrupt Asocks-Linked Botnet Operation | May 28, 2026 | high | Botnet | Unknown | draft_ai |
| TP-2026-0062 | Dutch FIOD Disrupts Sanctions-Evasion Hosting Infrastructure | May 22, 2026 | high | Law Enforcement Disruption | Unknown | draft_ai |
| TP-2026-0061 | Multi-Stage Linux Intrusion Pivoted from F5 BIG-IP to Confluence | May 22, 2026 | high | Intrusion | Unknown | draft_ai |
| TP-2026-0060 | First VPN Cybercrime Infrastructure Disrupted in Multinational Takedown | May 21, 2026 | high | Law Enforcement Disruption | Unknown | draft_ai |
| TP-2026-0335 | art-template npm Package Browser-Bundle Compromise, May 2026 | May 20, 2026 | medium | Supply Chain | Unknown | draft_ai |
| TP-2026-0323 | Mini Shai Hulud: Compromised @antv npm Packages Enable CI/CD Credential Theft | May 20, 2026 | high | supply-chain | Unknown | draft_ai |
| TP-2026-0332 | Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Service | May 19, 2026 | high | Malware-Signing Infrastructure Abuse | Fox Tempest | draft_ai |
| TP-2026-0336 | CISA Contractor AWS GovCloud Key Exposure | May 18, 2026 | high | Credential Exposure | Unknown | draft_ai |
| TP-2026-0326 | GitHub Internal Repository Theft via Compromised Nx Console VS Code Extension (May 2026) | May 18, 2026 | high | supply-chain | Unknown | draft_ai |
| TP-2026-0335 | Interpol Operation Ramz MENA Cybercrime Crackdown | May 18, 2026 | medium | Financial | Unknown | draft_ai |
| TP-2026-0334 | Scam Disruption Week Industrial Scam Crackdown | May 18, 2026 | high | Financial | Unknown | draft_ai |
| TP-2026-0333 | Storm-2949 Cloud-Wide Breach From Compromised Identity | May 18, 2026 | high | Identity compromise | Storm-2949 | draft_ai |
| TP-2026-0337 | THORChain GG20 Vault Exploit and Network Halt, May 2026 | May 15, 2026 | medium | Financial | Unknown | draft_ai |
| TP-2026-0308 | FunnelKit Funnel Builder Exploitation Injecting WooCommerce Checkout Skimmers (May 2026) | May 14, 2026 | high | web-skimming | Unknown | draft_ai |
| TP-2026-0336 | node-ipc npm Package Compromise, May 2026 | May 14, 2026 | medium | Supply Chain | Unknown | draft_ai |
| TP-2026-0054 | Mistral AI Python SDK PyPI Package v2.4.6 Backdoor | May 12, 2026 | critical | Software supply-chain compromise / malicious PyPI package publication | Unknown | draft_ai |
| TP-2026-0316 | Grafana Labs GitHub Environment Breach and Codebase Theft, May 2026 | May 11, 2026 | high | credential theft | Unknown | draft_ai |
| TP-2026-0054 | TanStack npm Supply-Chain Compromise via GitHub Actions OIDC Token Theft, May 2026 | May 11, 2026 | critical | supply-chain | Unknown | draft_ai |
| TP-2026-0236 | Instructure Canvas Free-For-Teacher Account Compromise and Extortion Activity | May 7, 2026 | high | data-breach | Unknown | draft_ai |
| TP-2026-0337 | Indonesia Cyber Scam Center Raids and Arrests, May 2026 | May 6, 2026 | medium | Financial | Unknown | draft_ai |
| TP-2026-0317 | JDownloader Website Installer Compromise, May 2026 | May 6, 2026 | high | supply-chain | Unknown | draft_ai |
| TP-2026-0302 | West Pharmaceutical Services Ransomware and Data Exfiltration Incident (May 2026) | May 4, 2026 | high | ransomware | Unknown | draft_ai |
| TP-2026-0058 | French ANTS Portal Data Breach, April 2026 | Apr 15, 2026 | high | Data breach | Unknown | draft_ai |
| TP-2026-0053 | MCP Coordinated Disclosure Highlights STDIO Command-Execution Risk | Apr 15, 2026 | critical | Supply Chain | Unknown | draft_ai |
| TP-2026-0056 | CPUID CPU-Z and HWMonitor Supply-Chain Malware Distribution | Apr 9, 2026 | high | Supply Chain | Unknown | draft_ai |
| TP-2026-0315 | 7-Eleven Franchisee Document Data Breach Claimed by ShinyHunters, April 2026 | Apr 8, 2026 | high | data breach | Unknown | draft_ai |
| TP-2026-0052 | Mercor AI Supply Chain Breach via LiteLLM Compromise | Apr 8, 2026 | high | supply-chain | TeamPCP | draft_ai |
| TP-2026-0041 | ChipSoft Ransomware Attack Disrupts Dutch Healthcare Infrastructure | Apr 7, 2026 | critical | Ransomware | Unknown | under_review |
| TP-2026-0042 | Cisco Development Environment Breach via Trivy Supply Chain Attack | Apr 6, 2026 | high | Supply Chain | TeamPCP / ShinyHunters (UNC5537) | under_review |
| TP-2026-0013 | Winona County Targeted by Second Ransomware Attack in 2026 | Apr 6, 2026 | high | Ransomware | Unknown | draft_ai |
| TP-2026-0030 | FortiClient EMS Zero-Day Exploitation (CVE-2026-35616) | Apr 4, 2026 | critical | zero-day-exploitation | Unknown | under_review |
| TP-2026-0027 | Adobe BPO Supply Chain Breach by Mr. Raccoon | Apr 3, 2026 | high | Supply Chain | Mr. Raccoon | draft_ai |
| TP-2026-0036 | BlueHammer: Microsoft Defender Privilege Escalation Disclosure and Early Exploitation | Apr 3, 2026 | high | privilege-escalation | Unknown | draft_ai |
| TP-2026-0047 | DocketWise Immigration Case Management Platform Breach Exposes 116K Records | Apr 3, 2026 | high | Data Breach | Unknown | under_review |
| TP-2026-0034 | Chrome WebGPU Zero-Day (CVE-2026-5281) — Fourth Actively Exploited in 2026 | Apr 1, 2026 | high | Zero-Day Exploitation | Unknown | under_review |
| TP-2026-0021 | Drift Protocol $285M DeFi Exploit by DPRK-Linked Actors | Apr 1, 2026 | critical | Financial | UNC4736 / Sapphire Sleet (DPRK-linked) | under_review |
| TP-2026-0048 | Patriot Regional ECC Cyberattack Disrupts Massachusetts Towns | Apr 1, 2026 | high | ransomware | Unknown | draft_ai |
| TP-2026-0015 | Axios npm Package Compromise by UNC1069 | Mar 31, 2026 | critical | supply-chain | UNC1069 | draft_ai |
| TP-2026-0045 | Operation TrueChaos: TrueConf Update Hijack Against Southeast Asian Government Networks | Mar 31, 2026 | critical | supply-chain | Chinese-nexus (unattributed) | draft_ai |
| TP-2026-0057 | NGINX UI MCP Endpoint Authentication Bypass (CVE-2026-33032) Exploited in the Wild | Mar 28, 2026 | critical | Vulnerability exploitation | Unknown | draft_ai |
| TP-2026-0023 | Die Linke Political Party Hit by Qilin Ransomware | Mar 26, 2026 | high | Ransomware | Qilin | under_review |
| TP-2026-0055 | Dutch Ministry of Finance Internal Systems Breach | Mar 19, 2026 | medium | Unauthorized Access | Unknown | draft_ai |
| TP-2026-0020 | European Commission Cloud Breach via Trivy Supply Chain | Mar 19, 2026 | critical | Supply Chain | TeamPCP | under_review |
| TP-2026-0022 | Foster City Ransomware Incident Disrupts Municipal Services | Mar 19, 2026 | high | ransomware | Unknown | under_review |
| TP-2026-0024 | Trivy Supply Chain Compromise Hits GitHub Actions and Container Releases (CVE-2026-33634) | Mar 19, 2026 | critical | supply-chain | Unknown | draft_ai |
| TP-2026-0049 | Langflow AI Platform Unauthenticated RCE (CVE-2026-33017) Exploited Within 20 Hours | Mar 17, 2026 | critical | zero-day-exploitation | Unknown | under_review |
| TP-2026-0032 | CareCloud Healthcare EHR System Breach Exposes Patient Records | Mar 16, 2026 | high | Data Breach | Unknown | under_review |
| TP-2026-0050 | Cegedim Santé Healthcare Data Breach | Mar 15, 2026 | critical | Data Breach | Unknown | under_review |
| TP-2026-0017 | Stryker Corporation Destructive Cyberattack Claimed by Handala | Mar 11, 2026 | critical | wiper | Handala (claimed) | under_review |
| TP-2026-0033 | Passaic County Ransomware Attack Claimed by Medusa | Mar 4, 2026 | high | ransomware | Medusa | under_review |
| TP-2026-0018 | Vivaticket Ransomware Attack Disrupts European Cultural Institutions | Mar 2, 2026 | high | Ransomware | RansomHouse | draft_ai |
| TP-2026-0026 | LexisNexis AWS Cloud Breach via React2Shell Exploit | Feb 24, 2026 | high | data-breach | FulcrumSec | draft_ai |
| TP-2026-0028 | Conduent Massive Data Breach Affects 25 Million Americans | Feb 20, 2026 | critical | Data Breach | Unknown | under_review |
| TP-2026-0031 | Railway-Hosted Microsoft 365 Device Code Phishing Activity Hits 340+ Organizations | Feb 19, 2026 | high | Phishing | Unknown | draft_ai |
| TP-2026-0043 | University of Mississippi Medical Center Medusa Ransomware Attack | Feb 19, 2026 | critical | ransomware | Medusa (claimed) | under_review |
| TP-2026-0025 | FBI DCSNet Surveillance System Breach | Feb 17, 2026 | critical | Espionage | Unknown (suspected China-linked) | under_review |
| TP-2026-0044 | Chrome CSS Font Feature Zero-Day (CVE-2026-2441) — Actively Exploited RCE | Feb 13, 2026 | high | Zero-Day Exploitation | Unknown | under_review |
| TP-2026-0029 | Hims & Hers Health Zendesk Breach Linked to ShinyHunters | Feb 5, 2026 | high | data-breach | ShinyHunters | draft_ai |
| TP-2025-0001 | Marks & Spencer Cyberattack by Scattered Spider | Apr 22, 2025 | critical | Ransomware | Scattered Spider | certified |
| TP-2024-0001 | CrowdStrike Falcon Global BSOD Outage | Jul 19, 2024 | critical | Supply Chain | N/A — Vendor Error | certified |
| TP-2024-0003 | XZ Utils Backdoor Supply-Chain Compromise (CVE-2024-3094) | Mar 29, 2024 | critical | Supply Chain | Unknown | draft_ai |
| TP-2024-0002 | Change Healthcare Ransomware Attack | Feb 21, 2024 | critical | Ransomware | ALPHV/BlackCat | draft_ai |
| TP-2023-0001 | MOVEit Transfer Mass Exploitation by Cl0p (CVE-2023-34362) | May 31, 2023 | critical | Data Breach | Cl0p Group | certified |
| TP-2023-0002 | 3CX DesktopApp Software Supply Chain Compromise | Mar 22, 2023 | critical | Software Supply Chain | UNC4736 (North Korea nexus) | draft_ai |
| TP-2022-0001 | Viasat KA-SAT AcidRain Satellite Network Attack | Feb 24, 2022 | critical | Sabotage / Wiper | Russian state-sponsored actors | draft_ai |
| TP-2021-0003 | Log4Shell Vulnerability Mass Exploitation | Dec 9, 2021 | critical | Supply Chain | Multiple threat actors | under_review |
| TP-2021-0004 | Kaseya VSA Supply Chain Ransomware Attack | Jul 2, 2021 | critical | Supply Chain / Ransomware | REvil (Sodinokibi) | under_review |
| TP-2023-0001 | Volt Typhoon Critical Infrastructure Pre-positioning | Jun 1, 2021 | critical | Espionage / Pre-positioning | Volt Typhoon | draft_human |
| TP-2021-0002 | JBS Foods Ransomware Attack by REvil | May 30, 2021 | critical | Ransomware | REvil | under_review |
| TP-2021-0001 | Colonial Pipeline Ransomware Attack by DarkSide | May 7, 2021 | critical | Ransomware | DarkSide | certified |
| TP-2020-0001 | SolarWinds Orion Supply Chain Compromise (SUNBURST) | Dec 13, 2020 | critical | Supply Chain | APT29 | certified |
| TP-2020-0002 | FireEye Red Team Tools Breach | Dec 8, 2020 | critical | Espionage | APT29 | certified |
| TP-2020-0002 | Twitter High-Profile Account Takeover via Social Engineering | Jul 15, 2020 | high | Financial | Graham Ivan Clark, Mason Sheppard, Nima Fazeli | under_review |
| TP-2018-0001 | Marriott International Starwood Reservation System Breach | Nov 30, 2018 | critical | Data Breach | China-linked espionage operators | under_review |
| TP-2018-0002 | Olympic Destroyer PyeongChang Cyberattack | Feb 9, 2018 | high | Sabotage / Wiper | Sandworm | draft_ai |
| TP-2017-0004 | TRITON / TRISIS Safety-System Attack | Dec 14, 2017 | critical | Sabotage | TsNIIKhM-linked Russian actors | draft_ai |
| TP-2017-0002 | NotPetya Global Wiper Attack | Jun 27, 2017 | critical | Sabotage / Wiper | Sandworm | under_review |
| TP-2017-0003 | Equifax Data Breach | May 13, 2017 | critical | Data Breach | PLA 54th Research Institute | under_review |
| TP-2017-0001 | WannaCry Ransomware Global Outbreak | May 12, 2017 | critical | Ransomware | Lazarus Group | under_review |
| TP-2016-0001 | Kyiv Power Grid Attack (Industroyer) | Dec 17, 2016 | critical | Sabotage | Sandworm | certified |
| TP-2016-0002 | Mirai / Dyn DNS DDoS Attack | Oct 21, 2016 | critical | Distributed Denial of Service | Unknown | draft_ai |
| TP-2016-0005 | Shadow Brokers Equation Group Tool Leak | Aug 13, 2016 | high | Exploit Toolkit Disclosure | Unknown | draft_ai |
| TP-2016-0004 | 2016 DNC and U.S. Election Hack-and-Leak Operation | Mar 1, 2016 | high | State-Sponsored Hack-and-Leak | APT28 | draft_ai |
| TP-2016-0003 | Bangladesh Bank SWIFT Heist | Feb 4, 2016 | critical | Financial Theft | Lazarus Group / APT38 | draft_ai |
| TP-2015-0002 | Ukraine Power Grid Cyberattack | Dec 23, 2015 | critical | Sabotage | Sandworm | under_review |
| TP-2015-0003 | U.S. Office of Personnel Management Breach | Jun 1, 2015 | critical | Data Breach | Unknown | draft_ai |
| TP-2015-0001 | Anthem Health Insurance Data Breach | Jan 29, 2015 | critical | Data Breach | Black Vine / China-linked espionage operators | under_review |
| TP-2014-0002 | Sony Pictures Destructive Attack | Nov 24, 2014 | critical | Destructive Malware and Data Theft | Lazarus Group | draft_ai |
| TP-2014-0001 | Yahoo 2014 FSB Data Breach | Jan 1, 2014 | critical | Espionage | FSB-directed actors | certified |
| TP-2013-0003 | Target POS Data Breach | Nov 27, 2013 | critical | Payment Card Data Breach | Unknown | draft_ai |
| TP-2013-0002 | Yahoo 2013 Data Breach | Aug 1, 2013 | critical | Data Breach | Unknown | draft_ai |
| TP-2012-0001 | Shamoon / Saudi Aramco Wiper Attack | Aug 15, 2012 | critical | Sabotage / Wiper | Cutting Sword of Justice (claimed) | draft_ai |
| TP-2011-0001 | DigiNotar Certificate Authority Compromise | Aug 29, 2011 | critical | Certificate Authority Compromise | Unknown | draft_ai |
| TP-2011-0002 | RSA SecurID Breach | Mar 17, 2011 | high | Authentication Infrastructure Compromise | Unknown | draft_ai |
| TP-2010-0001 | Stuxnet Attack on Iranian Nuclear Facilities | Jun 17, 2010 | critical | Sabotage | Unknown (suspected U.S.-Israeli operation) | under_review |
| TP-2009-0001 | Operation Aurora Cyber Espionage | Jun 1, 2009 | critical | Espionage | Unknown | draft_human |
| TP-2008-0001 | Conficker Worm | Nov 21, 2008 | high | Network Worm | Unknown | draft_ai |
| TP-2007-0001 | Estonia DDoS Attacks | Apr 27, 2007 | high | Distributed Denial of Service | Russia-based politically motivated actors (suspected) | draft_ai |
| TP-2003-0001 | SQL Slammer Worm Outbreak | Jan 25, 2003 | critical | Network Worm | Unknown | draft_ai |
| TP-2001-0001 | Code Red and Nimda Worm Outbreaks | Jul 12, 2001 | high | Internet Worm | Unknown | draft_ai |
| TP-2000-0001 | ILOVEYOU Worm Outbreak | May 4, 2000 | high | Email Worm | Onel de Guzman (suspected) | draft_ai |
| TP-1999-0001 | Melissa Macro Virus Outbreak | Mar 26, 1999 | high | Email Macro Malware | David Lee Smith | draft_ai |
| TP-1988-0001 | Morris Worm Internet Outbreak | Nov 2, 1988 | high | Malware | Robert Tappan Morris | draft_ai |