Landmark cyber incidents
Hand-curated catalog of the most-cited landmark cyber incidents. Distinct from bulk public disclosures (/breaches.html) and per-actor extracted victim lists (/victims.html) — these are the story-form entries with cast, sources, and explicit attribution to a primary threat actor.
15 curated incident(s) · 53 MITRE-documented campaign(s) below · Types: Supply-chain compromise: 4 · Ransomware: 3 · Data theft: 3 · OT disruption: 2 · Espionage intrusion: 1 · Destructive wiper: 1 · Financial heist: 1 · Regions: US: 7 · International: 4 · EU: 2 · APAC: 2 · Updated monthly (the bright line between threat-intel catalog and incident database — bulk disclosures flow in via the daily SEC/CISA pipelines).
Curated landmarks
MITRE-documented campaigns — 53 campaigns from MITRE ATT&CK
The named operations MITRE ATT&CK documents as campaigns, beyond the curated landmarks above. Each links to its own campaign page — year range, attributed actor, techniques, and the MITRE narrative — and cross-links the running actor where the attribution is known. The monthly curator review promotes campaigns from here into the curated landmark layer.
« All actors · All victims · All sectors · Recent breach notifications