Energy is a industry tracked across 50 threat clusters and 1187 intelligence report mentions on ThreatCluster. First observed October 29, 2025; most recent activity July 17, 2026.
A cyberattack targeting Poland's energy grid in December has been linked to a Russian government-affiliated hacking group. The attack affected 30 wind and photovoltaic farms and prompted the Cybersecurity and…
In late December 2025, Russian-linked hackers from the Sandworm group launched attacks using a new wiper malware named DynoWiper, specifically targeting a Polish energy company. The malware is designed to cause…
The Akira ransomware group has been identified as a significant threat to critical infrastructure, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warning of its active ransomware…
A cyber threat actor has been exploiting a zero-day vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller since 2023. This vulnerability allows unauthenticated remote attackers to bypass authentication and…
In December 2025, Poland's power grid was targeted by a sophisticated cyberattack attributed to Russia's Federal Security Service (FSB). The attack aimed to disrupt communication between renewable energy systems and…
The FBI and partners disrupted a covert network of compromised TP-Link and MikroTik routers exploited by the Russian GRU (APT28) to steal Outlook credentials. This operation, known as Operation Masquerade, revealed that…
The Russian state-backed hacking group Sandworm has intensified its operations against Ukrainian organizations by deploying data-wiping malware. This campaign targets critical sectors, including the grain industry, and…
Russian-linked cyber groups have targeted multiple energy facilities in Poland, exploiting default ICS credentials. The attacks have led to significant disruptions in operations, with Poland's CERT releasing a report…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…
On March 11, 2026, medical technology firm Stryker experienced a significant cyberattack attributed to the Iran-linked hacking group Handala. The attack exploited vulnerabilities in Stryker's Microsoft Intune endpoint…