// #government
5 articles
ShinyHunters Claims Council of Europe Breach: 297 GB of HR and Payroll Data Exposed
The ShinyHunters threat group has claimed responsibility for breaching the Council of Europe, exfiltrating 297 GB of internal HR and payroll records covering more than 10,000 employees. The breach raises significant concerns around diplomatic personnel data protection and the security posture of intergovernmental bodies operating outside EU regulatory oversight.
Ivanti EPMM CVE-2026-6973 — Remote Code Execution Added to CISA KEV, Patch Required
Ivanti has disclosed CVE-2026-6973, a remote code execution vulnerability in Endpoint Manager Mobile (EPMM, formerly MobileIron) that has been added to the CISA Known Exploited Vulnerabilities catalogue following confirmed limited exploitation. EPMM is a mobile device management platform used by government agencies and enterprises. Organisations should apply the available patch and audit administrator account activity. EPMM has a prior history of critical exploitation including the 2023 Norwegian government attack.
France Titres (ANTS) Breach Exposes 11.7 Million Citizens' Identity Records
France's national secure-ID document agency confirmed a breach affecting 11.7 million citizens — roughly one in five residents — after threat actor 'breach3d' claimed to have exfiltrated records including names, dates of birth, addresses, email addresses, and phone numbers. CNIL, ANSSI, and the Paris Public Prosecutor have been notified. Organisations operating in France face elevated customer account fraud and social engineering risk from the compromised data.
Cyberattack Hits European Commission Europa Web Platform — Data Taken From Hosted Websites
The European Commission confirmed on 27 March that a cyberattack struck the cloud infrastructure hosting the Europa web platform on 24 March 2026, with early forensic findings indicating data was exfiltrated from affected websites. The Commission operates hundreds of websites across the europa.eu domain hosting EU policy documents, consultation portals, and public databases. The incident is under investigation.
UAC-0255 Impersonates CERT-UA to Target Ukrainian Government, Healthcare, and Finance
Russian-linked threat actor UAC-0255 launched a targeted phishing campaign on 26–27 March posing as CERT-UA, Ukraine's national computer emergency response team, to deliver malware to state organisations, medical centres, financial institutions, and software development companies. The campaign uses CERT-UA brand authority to lower recipient suspicion of archive attachments containing remote access implants.