Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

European Commission hit by cyberattack

Incident
First reported
Last updated
Happening score
H score 43
2 unique sources, 2 articles

Summary

Hide ▲

The European Commission is investigating a cyberattack on its mobile device management platform, which may have exposed staff names and mobile numbers. The incident was contained and cleaned within 9 hours, limiting the immediate operational impact. The breach matters because it may be connected to wider attacks on European institutions using Ivanti Endpoint Manager Mobile (EPMM) zero-day flaws.

Cases

Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5) Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5) Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5)

Related Happenings

Dutch Ministry of Finance hit by network compromise

Incident
First: 24.03.2026 14:03 Last: 24.03.2026 14:03 Sources 1

About this happening: The **Dutch Ministry of Finance** confirmed a **cyberattack breach** that affected **some employees** after unauthorized access was found in internal systems. The ministry said it...

Latest development: 31.03.2026 10:52

The Dutch Ministry of Finance shut down some systems on March 23 for security reasons, including the digital portal for treasury banking, leaving approximately 1,600 public institutions unable to view treasury balances online or use portal functions for loans, deposits, credit, intraday limit changes, and report generation, while regular banking channels and full access to funds continued.

Open Happening

Ireland DPC opens GDPR investigation into X Grok sexual image generation

Regulatory/Legal Action
First: 17.02.2026 12:02 Last: 17.02.2026 12:02 Sources 1

About this happening: Ireland's **Data Protection Commission (DPC)** opened a formal investigation into **X** over **Grok** being used to generate **non-consensual sexual images** of real people, inclu...

Open Happening

Odido hit by network compromise

Incident
First: 12.02.2026 20:18 Last: 12.02.2026 20:18 Sources 1

About this happening: **Odido** said a **cyberattack** exposed personal data from its **customer contact system**, affecting **6.2 million customers** after unauthorized access was detected on the week...

Latest development: 24.02.2026 13:40

ShinyHunters claimed responsibility for breaching Dutch telecommunications provider Odido, added the company to its dark web leak site, and said it had stolen nearly 21 million records. The gang also claimed the stolen material includes internal corporate data and plaintext passwords, while Odido denied that passwords, call details, social security numbers, or billing data are involved.

Open Happening

Shrinking n-day exploitation window across disclosed flaws

Target Trend
First: 12.02.2026 11:30 Last: 12.02.2026 11:30 Sources 1

About this happening: A **five-year collapse** in the **time to exploit** is giving defenders far less time to patch **disclosed-but-unpatched vulnerabilities** before attackers move in. Measured TTE f...

Open Happening

Ivanti EPMM mobile-data theft campaign targeting European governments

Campaign
First: 10.02.2026 11:45 Last: 10.02.2026 11:45 Sources 1

How related: Several European government institutions appear to have been targeted in a coordinated campaign designed to steal data on mobile users, it has emerged.

About this happening: A **coordinated Ivanti EPMM campaign** is now linked to breaches at multiple **European government** bodies, raising concern that staff and mobile-user data were exposed across se...

Latest development: 13.02.2026 00:05

Shadowserver tracked another more voluminous wave of attempted attacks against European government targets around Feb. 9, 2026, and Greynoise said 83% of the exploitation spike came from a single IP address on a bulletproof hosting service rather than the IOCs Ivanti published.

Open Happening

Timeline

  1. 09.02.2026 11:49 1 articles · 3mo ago

    European Commission cybersecurity legislation proposal

    Legal Policy Action Update

    The European Commission proposed new cybersecurity legislation to strengthen defenses against state-backed and cybercrime groups targeting critical infrastructure.

    Show sources
    Open in new tab
  2. 09.02.2026 11:49 1 articles · 3mo ago

    Ivanti warns on EPMM zero-days

    Technical Analysis Update

    Ivanti warned that CVE-2026-1281 and CVE-2026-1340 in Ivanti Endpoint Manager Mobile (EPMM) were critical code-injection vulnerabilities exploited in zero-day attacks, and the National Cyber Security Center (NCSC) was informed of the EPMM issues.

    Show sources
    Open in new tab
  3. 09.02.2026 11:49 2 articles · 3mo ago

    European Commission detects traces of a cyberattack

    Detection Ioc Update

    The European Commission's central infrastructure managing mobile devices identified traces of a cyber-attack that may have exposed staff names and mobile numbers; the system was contained and cleaned within 9 hours, and no compromise of mobile devices was detected.

    Show sources
    Open in new tab
  4. 09.02.2026 11:49 1 articles · 3mo ago

    European Commission discloses the breach investigation

    Initial Disclosure

    The European Commission disclosed that it is investigating a breach after finding evidence that its mobile device management platform was hacked, and said the compromise appears linked to similar attacks on European institutions exploiting Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities.

    Show sources
    Open in new tab