Major Cyberattacks Target Critical Infrastructure and U.S. Treasury

On January 20, 2025, a series of coordinated cyberattacks struck multiple municipalities and banks, severely disrupting public services and halting governmental payment systems. These attacks, which are expected to continue until January 22, have exposed significant vulnerabilities in critical infrastructure and financial systems. Sophisticated methods employed by hackers, including advanced cyber-espionage techniques, have raised alarms among security professionals and governmental entities alike.

Additionally, a notable breach involving the U.S. Treasury has compromised networks used by senior officials, leading to concerns about national security and the integrity of sensitive financial data. Tools such as spear-phishing and zero-day vulnerabilities have facilitated these attacks, emphasizing the need for heightened cybersecurity measures. As the situation evolves, organizations are urged to review their defenses and prepare for further incidents.

In parallel, the emergence of a new phishing kit, "Sneaky 2FA," targeting Microsoft 365 accounts further complicates the threat landscape, highlighting the continuous evolution of cyber threats in 2025.