As outlined in HackRead, the European Commission has confirmed a cyberattack targeting its central systems, potentially exposing personal details of its staff. The incident, detected on January 30, 2026, involved intrusions into systems managing employee mobile devices.The attack exploited two critical zero-day vulnerabilities, CVE-2026-1281 and CVE-2026-1340, in Ivanti Endpoint Manager Mobile (EPMM) software. These code injection flaws allowed attackers to remotely control the server without authentication. CERT-EU contained the breach within nine hours, securing and cleaning the affected systems. While names and phone numbers may have been accessed, the Commission stated no compromise of individual mobile devices was detected. This incident follows similar attacks on government bodies in the Netherlands and Finland, with dozens of other servers worldwide likely affected.Source: HackRead
Data Security, Security Operations, Critical Infrastructure Security, Vulnerability Management, Patch/Configuration Management
European Commission hit by cyberattack linked to Ivanti software flaws

(Credit: Getty Images)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



