U.S. Army Websites Defaced in Pro-Kurdish Hacktivist Attack

U.S. Army Websites Defaced in Pro-Kurdish Hacktivist Attack

First seen 7 Jul 2026, 01:50 UTC CyberscoopFeeds.FeedburnerTechcrunchMezhaGadgetreview+2 87% similarity 53.0

Article Content

Browse articles
ThreatCluster

On July 6, 2026, multiple U.S. Army subdomains, including oil.army.mil and ai2c.army.mil, were defaced in a 404 hijacking campaign. The attack displayed messages denouncing President Donald Trump and supporting Kurdish independence. Cybersecurity researcher Ronald Lovelace discovered the defacement, which exploited vulnerabilities in the websites' error-handling systems, likely due to compromised WordPress plugins. The Army's affected sites belong to the Open Innovation Lab and the AI Integration Center. Following the incident, the Army took the pages offline and initiated an investigation. The attack raises concerns about the security of government websites and the potential for broader vulnerabilities. As of now, it remains unclear how the hackers gained access to modify the error pages. No data breach has been confirmed, and the investigation is ongoing.

Key Points: • Two U.S. Army websites were defaced with pro-Kurdish messages and insults to Trump. • The attack utilized a 404 hijacking method, exploiting vulnerabilities in WordPress plugins. • The Army has removed the affected pages and is currently investigating the incident.

ThreatCluster AI

Timeline

2026-07-06
U.S. Army websites defaced
Error pages on oil.army.mil and ai2c.army.mil displayed messages denouncing Trump and promoting Kurdish independence.
Cyberscoop
2026-07-06
Incident reported to Army officials
Cybersecurity researcher Ronald Lovelace notified the Army about the defaced error pages.
Cyberscoop
2026-07-06
Affected pages taken offline
The Army removed the compromised error pages after being alerted by CyberScoop.
Techcrunch
2026-07-07
Investigation ongoing
The Army confirmed that an investigation into the incident is underway, focusing on how the error pages were compromised.
Mezha

Community

Browse all →