Information Security Timelines

In the first half of February 2026 I collected 96 events (6.4 events/day) with a threat landscape dominated by malware with 33%, (it was 38% in the second half of last month, once again ahead of ransomware (up to 20% from 14%), and account takeovers, down to 8% from 14%.

In this blog post I am collecting the campaigns that show evidence of being AI-generated, or make use of AI tools to increase their impact. As always I will continue to update the list as soon as new campaigns emerge.

After the cyber attacks timelines (part I and part II), it’s time to publish the statistics for January 2026 where I collected and analyzed 178 events. In January 2026, Cyber Crime continued to lead the Motivations chart with 76%, ahead of Cyber Espionage at number two with 19%, and Cyber Warfare with just three events.

After the first timeline of January 2026, it’s time to publish the list of the main cyber attacks occurred in the second half of the month, between 16 and 31 January 2026.

Here’s a collection of the main mega breaches (that is data breaches with more than one million records compromised and possibly leaked) during 2026. The information is derived from the cyber attacks timelines that I published, normally, on a bi-weekly basis.

And I am back with the 1-15 January 2026 cyber attacks timeline. In the first timeline of January 2026, I collected 61 events (4.07 events/day) with a threat landscape dominated by malware with 36%, a direct comparison with the previous timelines is not fair, since I changed the criteria for the timeline, and the previous one dates back to more than one year ago, ahead of account takeover with 15% and ransomware, with 11%.

The exploitation of vulnerabilities targeting remote access technologies to gain initial access is continuing relentlessly also during 2025, with initial access brokers, and in general opportunistic and targeted threat actors, quite active in leveraging software flaws to break into organizations.

In the first timeline of March 2025, I collected 127 events with a threat landscape dominated by malware and ransomware…

After the cyber attacks timelines, it’s time to publish the statistics for February 2025 where I collected and analyzed 231 events. In February 2025, Cyber Crime continued to lead the Motivations chart with 64% down from 75%, of February. Operations driven by Cyber Espionage ranked at number two with 20%, an important increase from 12% and once again ahead of Hacktivism slightly down to 3% from 4%. Only a single event was attributed to Cyber Warfare that closes the chart.

In the second timeline of February 2025, I collected 116 events (8.92 events/day) with a threat landscape dominated by malware with 29%, a value very close to 30% of the previous timeline, ahead of ransomware, back at number two with 21%, from 8% of the previous fortnight, and targeted attacks with 17%, very close to 16% of H1.