eu

Europe Evolves Into Ransomware’s Favorite Region

Ransomware attacks in Europe surged by 55% in early 2026 compared to the previous year, with 684 incidents recorded by Black Kite across the continent, particularly targeting major economies like the UK, Germany, France, Italy, and Spain. Attackers are focusing on manufacturing and digital services sectors to exploit supply chain vulnerabilities, and growing reliance on third- and multi-tier vendors increases organizational risk, highlighting the need for enhanced visibility and risk management across entire vendor ecosystems.

https://www.darkreading.com/cybersecurity-analytics/europe-evolves-ransomware-favorite-region

European Commission Cloud Breach: a Supply-Chain Compromise

In March 2026, the European Commission's AWS cloud account hosting public websites was compromised through the Trivy supply-chain attack linked to the threat actor TeamPCP, resulting in the exfiltration of approximately 91.7 GB of compressed data, including personal information and email content from multiple Union entities. The compromise, detected by the European Commission’s Cybersecurity Operations Centre and CERT-EU, led to a data leak published by the extortion group ShinyHunters, prompting immediate revocation of affected credentials, notifications to data protection authorities, and ongoing investigations into the incident's impact.

https://cert.europa.eu/blog/european-commission-cloud-breach-trivy-supply-chain

European Commission Investigating Breach After Amazon Cloud Account Hack

The European Commission is investigating a security breach after a threat actor accessed one of its Amazon Web Services cloud accounts, reportedly stealing over 350 GB of data including multiple databases. Although AWS confirmed no security incident on their platform, the Commission’s cybersecurity team detected the attack quickly, and the threat actor has stated intentions to leak the stolen data online without extorting the Commission.

https://www.bleepingcomputer.com/news/security/european-commission-investigating-breach-after-amazon-cloud-account-hack/

ShinyHunters Claims the Hack of the European Commission

The European Commission was reportedly breached by the cybercrime group ShinyHunters, which claimed to have stolen over 350 GB of data, including mail servers, databases, and confidential documents. The Commission confirmed the cyberattack affected part of its cloud infrastructure but stated that its internal systems were not compromised, and mitigation measures were promptly applied with ongoing investigations into the full impact.

https://securityaffairs.com/190095/data-breach/shinyhunters-claims-the-hack-of-the-european-commission.html

Link11 Releases European Cyber Report 2026: DDoS Attacks Become a Constant Threat

DDoS attacks surged in 2025, with a 75% increase, becoming a constant threat to digital infrastructures in Europe. Attacks lasted up to 12,388 minutes, and follow-up incidents increased by 80%. Link11 recommends continuous DDoS protection, advanced web application security, and AI-based detection for resilience against evolving threats.

https://markets.businessinsider.com/news/currencies/link11-releases-european-cyber-report-2026-ddos-attacks-become-a-constant-threat-1035885265

Cloudflare Defies Italy’s Piracy Shield, Won’t Block Websites on 1.1.1.1 DNS

Cloudflare faces a €14.2 million fine from Italy for not blocking pirate sites on its 1.1.1.1 DNS service under the country's Piracy Shield law. The law requires rapid blocking of alleged piracy sites, but Cloudflare argues it could harm legitimate sites and plans to contest the fine, possibly withdrawing services in Italy. The Piracy Shield has faced criticism for overblocking legitimate sites and lacking due process.

https://arstechnica.com/tech-policy/2026/01/cloudflare-may-pull-servers-out-of-italy-over-order-that-it-block-pirate-sites/

Video Gaming and Cybersecurity: Navigating Legal and Technological Challenges

Video gaming industry faces significant cyber risks due to rapid growth, attracting cyber criminals. Regulators worldwide are extending critical infrastructure legislation to gaming. This includes the NIS2 Directive and Cyber Resilience Act which impose stringent cybersecurity requirements on game companies. Key risks involve in-game integrity, data breaches, and compliance with regulations like GDPR. Effective cybersecurity measures are essential for legal compliance and to maintain user trust in an evolving digital landscape.

https://www.nortonrosefulbright.com/en/knowledge/publications/77cbcb67/video-gaming-and-cybersecurity

Violent Cybercrime Surges in Europe Amid Big Payouts

Cybercriminals in Europe are increasingly engaging in violent tactics, with 18 reported incidents in 2025, predominantly in France. This surge, termed “violence as a service,” includes high-profile cases like the kidnapping of Ledger co-founders. The UK remains the most targeted country for cybercrime, with over 2,100 attacks recorded since 2024, primarily from ransomware and data theft groups. The rise in violence is linked to organized networks that facilitate traditional cybercrime and physical theft, especially concerning cryptocurrency.

https://www.theregister.com/2025/11/04/cybercriminals_increasingly_rely_on_violence/

Databroker Files: Targeting the EU

Mobile phone location data of millions in the EU is being sold for advertising, posing serious privacy and security risks, including potential espionage. This data can reveal sensitive patterns of movement for EU officials, despite GDPR regulations meant to protect personal information. Investigations show that data brokers can easily target political figures, with significant implications for national security amid rising geopolitical tensions. EU leaders and NATO express concern over the situation but effective protective measures remain inadequate. Comprehensive regulation to curb data trading and enhance privacy rights is urgently needed, with calls for a ban on advertising tracking.

https://netzpolitik.org/2025/databroker-files-targeting-the-eu/

Scroll to Top