Incident Reports
67 cybersecurity incidents tracked

| ID | Title | Date | Severity | Attack Type | Threat Actor | Status |
|---|---|---|---|---|---|---|
| TP-2026-0053 | MCP Coordinated Disclosure Highlights STDIO Command-Execution Risk | Apr 15, 2026 | critical | Supply Chain | Unknown | draft_ai |
| TP-2026-0052 | Mercor AI Supply Chain Breach via LiteLLM Compromise | Apr 8, 2026 | high | supply-chain | TeamPCP | draft_ai |
| TP-2026-0041 | ChipSoft Ransomware Attack Disrupts Dutch Healthcare Infrastructure | Apr 7, 2026 | critical | Ransomware | Unknown | under_review |
| TP-2026-0042 | Cisco Development Environment Breach via Trivy Supply Chain Attack | Apr 6, 2026 | high | Supply Chain | TeamPCP / ShinyHunters (UNC5537) | under_review |
| TP-2026-0013 | Winona County Targeted by Second Ransomware Attack in 2026 | Apr 6, 2026 | high | Ransomware | Unknown | draft_ai |
| TP-2026-0030 | FortiClient EMS Zero-Day Exploitation (CVE-2026-35616) | Apr 4, 2026 | critical | zero-day-exploitation | Unknown | under_review |
| TP-2026-0027 | Adobe BPO Supply Chain Breach by Mr. Raccoon | Apr 3, 2026 | high | Supply Chain | Mr. Raccoon | draft_ai |
| TP-2026-0036 | BlueHammer: Microsoft Defender Privilege Escalation Disclosure and Early Exploitation | Apr 3, 2026 | high | privilege-escalation | Unknown | draft_ai |
| TP-2026-0047 | DocketWise Immigration Case Management Platform Breach Exposes 116K Records | Apr 3, 2026 | high | Data Breach | Unknown | under_review |
| TP-2026-0034 | Chrome WebGPU Zero-Day (CVE-2026-5281) — Fourth Actively Exploited in 2026 | Apr 1, 2026 | high | Zero-Day Exploitation | Unknown | under_review |
| TP-2026-0021 | Drift Protocol $285M DeFi Exploit by DPRK-Linked Actors | Apr 1, 2026 | critical | Financial | UNC4736 / Sapphire Sleet (DPRK-linked) | under_review |
| TP-2026-0048 | Patriot Regional Emergency Communications Center Cyberattack | Apr 1, 2026 | high | disruption | Unknown | draft_ai |
| TP-2026-0015 | Axios npm Package Compromise Linked to UNC1069 | Mar 31, 2026 | critical | supply-chain | UNC1069 | certified |
| TP-2026-0045 | Operation TrueChaos: TrueConf Update Hijack Against Southeast Asian Government Networks | Mar 31, 2026 | critical | supply-chain | Chinese-nexus (unattributed) | draft_ai |
| TP-2026-0023 | Die Linke Political Party Hit by Qilin Ransomware | Mar 26, 2026 | high | Ransomware | Qilin | under_review |
| TP-2026-0020 | European Commission Cloud Breach via Trivy Supply Chain | Mar 19, 2026 | critical | Supply Chain | TeamPCP | under_review |
| TP-2026-0022 | Foster City Ransomware Incident Disrupts Municipal Services | Mar 19, 2026 | high | ransomware | Unknown | under_review |
| TP-2026-0024 | Trivy Supply Chain Compromise Hits GitHub Actions and Container Releases (CVE-2026-33634) | Mar 19, 2026 | critical | supply-chain | Unknown | draft_ai |
| TP-2026-0049 | Langflow AI Platform Unauthenticated RCE (CVE-2026-33017) Exploited Within 20 Hours | Mar 17, 2026 | critical | zero-day-exploitation | Unknown | under_review |
| TP-2026-0032 | CareCloud Healthcare EHR System Breach Exposes Patient Records | Mar 16, 2026 | high | Data Breach | Unknown | under_review |
| TP-2026-0050 | Cegedim Santé Healthcare Data Breach | Mar 15, 2026 | critical | Data Breach | Unknown | under_review |
| TP-2026-0017 | Stryker Corporation Destructive Cyberattack Claimed by Handala | Mar 11, 2026 | critical | wiper | Handala (claimed) | under_review |
| TP-2026-0033 | Passaic County Ransomware Attack Claimed by Medusa | Mar 4, 2026 | high | ransomware | Medusa | under_review |
| TP-2026-0018 | Vivaticket Ransomware Attack Disrupts European Cultural Institutions | Mar 2, 2026 | high | Ransomware | RansomHouse | draft_ai |
| TP-2026-0026 | LexisNexis AWS Cloud Breach via React2Shell Exploit | Feb 24, 2026 | high | data-breach | FulcrumSec | draft_ai |
| TP-2026-0028 | Conduent Massive Data Breach Affects 25 Million Americans | Feb 20, 2026 | critical | Data Breach | Unknown | under_review |
| TP-2026-0031 | Railway-Hosted Microsoft 365 Device Code Phishing Activity Hits 340+ Organizations | Feb 19, 2026 | high | Phishing | Unknown | draft_ai |
| TP-2026-0043 | University of Mississippi Medical Center Medusa Ransomware Attack | Feb 19, 2026 | critical | ransomware | Medusa (claimed) | under_review |
| TP-2026-0025 | FBI DCSNet Surveillance System Breach | Feb 17, 2026 | critical | Espionage | Unknown (suspected China-linked) | under_review |
| TP-2026-0044 | Chrome CSS Font Feature Zero-Day (CVE-2026-2441) — Actively Exploited RCE | Feb 13, 2026 | high | Zero-Day Exploitation | Unknown | under_review |
| TP-2026-0029 | Hims & Hers Health Zendesk Breach Linked to ShinyHunters | Feb 5, 2026 | high | data-breach | ShinyHunters | draft_ai |
| TP-2025-0001 | Marks & Spencer Cyberattack by Scattered Spider | Apr 22, 2025 | critical | Ransomware | Scattered Spider | certified |
| TP-2024-0001 | CrowdStrike Falcon Global BSOD Outage | Jul 19, 2024 | critical | Supply Chain | N/A — Vendor Error | certified |
| TP-2024-0003 | XZ Utils Backdoor Supply-Chain Compromise (CVE-2024-3094) | Mar 29, 2024 | critical | Supply Chain | Unknown | draft_ai |
| TP-2024-0002 | Change Healthcare Ransomware Attack | Feb 21, 2024 | critical | Ransomware | ALPHV/BlackCat | draft_ai |
| TP-2023-0001 | MOVEit Transfer Mass Exploitation by Cl0p (CVE-2023-34362) | May 31, 2023 | critical | Data Breach | Cl0p Group | certified |
| TP-2021-0003 | Log4Shell Vulnerability Mass Exploitation | Dec 9, 2021 | critical | Supply Chain | Multiple threat actors | under_review |
| TP-2021-0004 | Kaseya VSA Supply Chain Ransomware Attack | Jul 2, 2021 | critical | Supply Chain / Ransomware | REvil (Sodinokibi) | under_review |
| TP-2023-0001 | Volt Typhoon Critical Infrastructure Pre-positioning | Jun 1, 2021 | critical | Espionage / Pre-positioning | Volt Typhoon | draft_human |
| TP-2021-0002 | JBS Foods Ransomware Attack by REvil | May 30, 2021 | critical | Ransomware | REvil | under_review |
| TP-2021-0001 | Colonial Pipeline Ransomware Attack by DarkSide | May 7, 2021 | critical | Ransomware | DarkSide | certified |
| TP-2020-0001 | SolarWinds Orion Supply Chain Compromise (SUNBURST) | Dec 13, 2020 | critical | Supply Chain | APT29 | certified |
| TP-2020-0002 | FireEye Red Team Tools Breach | Dec 8, 2020 | critical | Espionage | APT29 | certified |
| TP-2020-0002 | Twitter High-Profile Account Takeover via Social Engineering | Jul 15, 2020 | high | Financial | Graham Ivan Clark, Mason Sheppard, Nima Fazeli | under_review |
| TP-2018-0001 | Marriott International Starwood Reservation System Breach | Nov 30, 2018 | critical | Data Breach | China-linked espionage operators | under_review |
| TP-2017-0002 | NotPetya Global Wiper Attack | Jun 27, 2017 | critical | Sabotage / Wiper | Sandworm | under_review |
| TP-2017-0003 | Equifax Data Breach | May 13, 2017 | critical | Data Breach | PLA 54th Research Institute | under_review |
| TP-2017-0001 | WannaCry Ransomware Global Outbreak | May 12, 2017 | critical | Ransomware | Lazarus Group | under_review |
| TP-2016-0001 | Kyiv Power Grid Attack (Industroyer) | Dec 17, 2016 | critical | Sabotage | Sandworm | certified |
| TP-2015-0002 | Ukraine Power Grid Cyberattack | Dec 23, 2015 | critical | Sabotage | Sandworm | under_review |
| TP-2015-0003 | U.S. Office of Personnel Management Breach | Jun 1, 2015 | critical | Data Breach | Unknown | draft_ai |
| TP-2015-0001 | Anthem Health Insurance Data Breach | Jan 29, 2015 | critical | Data Breach | Black Vine / China-linked espionage operators | under_review |
| TP-2014-0002 | Sony Pictures Destructive Attack | Nov 24, 2014 | critical | Destructive Malware and Data Theft | Lazarus Group | draft_ai |
| TP-2014-0001 | Yahoo 2014 FSB Data Breach | Jan 1, 2014 | critical | Espionage | FSB-directed actors | certified |
| TP-2013-0003 | Target POS Data Breach | Nov 27, 2013 | critical | Payment Card Data Breach | Unknown | draft_ai |
| TP-2013-0002 | Yahoo 2013 Data Breach | Aug 1, 2013 | critical | Data Breach | Unknown | draft_ai |
| TP-2012-0001 | Shamoon / Saudi Aramco Wiper Attack | Aug 15, 2012 | critical | Sabotage / Wiper | Cutting Sword of Justice (claimed) | draft_ai |
| TP-2011-0001 | DigiNotar Certificate Authority Compromise | Aug 29, 2011 | critical | Certificate Authority Compromise | Unknown | draft_ai |
| TP-2010-0001 | Stuxnet Attack on Iranian Nuclear Facilities | Jun 17, 2010 | critical | Sabotage | Unknown (suspected U.S.-Israeli operation) | under_review |
| TP-2009-0001 | Operation Aurora Cyber Espionage | Jun 1, 2009 | critical | Espionage | Unknown | draft_human |
| TP-2008-0001 | Conficker Worm | Nov 21, 2008 | high | Network Worm | Unknown | draft_ai |
| TP-2007-0001 | Estonia DDoS Attacks | Apr 27, 2007 | high | Distributed Denial of Service | Russia-based politically motivated actors (suspected) | draft_ai |
| TP-2003-0001 | SQL Slammer Worm Outbreak | Jan 25, 2003 | critical | Network Worm | Unknown | draft_ai |
| TP-2001-0001 | Code Red and Nimda Worm Outbreaks | Jul 12, 2001 | high | Internet Worm | Unknown | draft_ai |
| TP-2000-0001 | ILOVEYOU Worm Outbreak | May 4, 2000 | high | Email Worm | Onel de Guzman (suspected) | draft_ai |
| TP-1999-0001 | Melissa Macro Virus Outbreak | Mar 26, 1999 | high | Email Macro Malware | David Lee Smith | draft_ai |
| TP-1988-0001 | Morris Worm Internet Outbreak | Nov 2, 1988 | high | Malware | Robert Tappan Morris | draft_ai |