As we pass the halfway point of 2026, global cyberattacks have not receded into the background due to geopolitical conflicts and escalating public discourse. On the contrary, the scope of attacks continues to expand, from government databases and water and energy facilities to open-source software supply chains and large enterprise systems, with more direct and real-world consequences.
TechCrunch's review shows that the most concerning security incidents this year are no longer just traditional data breaches, but also include destructive attacks on infrastructure, continuous disruptions to business operations, and supply chain intrusions spread through open-source software.
US government data controversy continues
The article mentions that the investigation into data management issues surrounding the U.S. Department of Government Efficiency (DOGE) continues, with ongoing searches for security vulnerabilities left after its contact with federal agencies. One point of contention is the whistleblower's claim that a still-functioning copy of the U.S. Social Security database was uploaded to a third-party server lacking security protection.
If this claim is true, the data could involve a large number of Social Security numbers and personal information of U.S. residents. Currently, the case is still ongoing in federal court litigation, and the full scope of its impact has not yet been determined.
Energy and water supply systems under pressure
Cyberattacks targeting civilian infrastructure continued to occur across Europe this year, affecting power generation facilities, dams, and water treatment systems. The report noted that the Polish power grid, a thermal power plant in Sweden, and a dam in Norway were all attacked, with some incidents attributed to or linked to Russia.
Entering 2026, Poland's water treatment facilities once again became targets. Meanwhile, as the military conflict between the United States, Israel, and Iran escalated, the United States also began warning that Iranian hackers might target critical domestic infrastructure, particularly vulnerable private water supply systems.
Stryker and the open-source ecosystem are impacted.
In March of this year, the US medical technology company Stryker suffered a devastating attack. Reports indicate that Iranian hackers remotely wiped tens of thousands of employee devices after infiltrating the site, disrupting the company's operations for several days. The US government attributed the attack to forces within the Iranian intelligence system, and the incident also had a substantial impact on the company's first-quarter performance.
Another main theme is the ongoing attacks against open-source developers and tools. Projects such as Aqua Security's Trivy, Bitwarden, and Checkmarx have been specifically mentioned as being affected, with attackers using backdoored software to steal passwords, credentials, and access tokens, further impacting companies like OpenAI and Vercel that rely on such tools.
ShinyHunters continues to expand its reach
ShinyHunters, a hacking group known for its voice phishing attacks, remains active this year. Their common tactic is to impersonate IT support personnel or posing as employees to request password resets, thereby gaining unauthorized access to internal corporate systems.
The edtech company Instructure is a prime example. Attackers breached its learning management system, Canvas, stealing personal data from over 30 million students and faculty members. After the company refused to pay the ransom, the attackers re-infiltrated the system and tampered with the login page during final exams at US schools. Reports indicate that Instructure eventually paid the ransom.
In addition to Instructure, ShinyHunters has also been linked to several other large-scale data breaches, including approximately 40 million records from internet service provider Charter and at least 6 million customer records from cruise line Carnival. The victims have also extended to higher education, financial, and government institutions.
The FBI and Hasbro were also affected.
In April of this year, the FBI confirmed that one of its surveillance systems had been compromised, initiating a "major cyber incident" notification procedure. According to reports, the leaked information may have included sensitive data such as the phone numbers of targets monitored by federal law enforcement agencies, and the attack has been linked to Chinese espionage activities.
On the corporate front, Hasbro has also been forced into a prolonged shutdown due to the hacking incident. While the company has not disclosed details regarding whether data was stolen or whether a ransom was paid, it has postponed its financial disclosures. Meanwhile, hotel check-in systems, money transfer apps, prison phone services, and UK visa services have also exposed large amounts of passport and driver's license scans in recent months, affecting more than 2 million people.
