{"id":9120,"date":"2026-02-25T07:05:29","date_gmt":"2026-02-24T22:05:29","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=9120"},"modified":"2026-06-12T07:06:12","modified_gmt":"2026-06-11T22:06:12","slug":"european-commission-dutch-authorities-hacked-via-ivanti-zero-day-vulnerabilities","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/european-commission-dutch-authorities-hacked-via-ivanti-zero-day-vulnerabilities\/","title":{"rendered":"European Commission &amp; Dutch Authorities Hacked via Ivanti Zero-Day Vulnerabilities"},"content":{"rendered":"\n<p>In one of the most significant cybersecurity incidents of February 2026, several high-profile European organizations confirmed that their systems had been compromised after hackers exploited previously unknown vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).Among the affected organizations were the European Commission, the Dutch Data Protection Authority (AP), and the Dutch Council for the Judiciary. <br>The attacks were linked to two critical security flaws, identified as CVE-2026-1281 and CVE-2026-1340. Both vulnerabilities allowed attackers to remotely execute malicious code on vulnerable systems without requiring authentication, making them particularly dangerous.Dutch authorities confirmed that work-related information, including employee names, business email addresses, and phone numbers, was accessed during the breach. Meanwhile, the European Commission stated that its security team detected and contained the incident within nine hours, helping to limit the overall impact.The vulnerabilities were publicly disclosed by Ivanti on January 29, and shortly afterward the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added one of the flaws to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in real-world attacks.<br>What makes this incident especially noteworthy is the fact that the Dutch Data Protection Authority the organization responsible for enforcing privacy regulations and protecting personal data in the Netherlands became a victim itself. The breach serves as a reminder that even organizations dedicated to cybersecurity and data protection are not immune to sophisticated attacks.Security professionals are advising all organizations using Ivanti EPMM to apply security updates immediately, review systems for signs of compromise, and strengthen their overall security strategy. Experts say that relying solely on patching is no longer enough, and organizations should adopt a broader zero-trust approach to better defend against modern cyber threats.<br>The incident highlights a growing reality in today&#8217;s digital landscape: cybercriminals continue to target governments, regulators, and critical institutions, proving that no organization is too large, too important, or too security-focused to become a target.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In one of the most significant cybersecurity incidents of February 2026, several high-profile European organizations confirmed that their systems had been compromised after hackers exploited previously unknown vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).Among the affected organizations were the European Commission, the Dutch Data Protection Authority (AP), and the Dutch Council for the Judiciary. The attacks were linked to two<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":9121,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[220,10,5,3],"tags":[],"class_list":["post-9120","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-government-advisory","category-latest_vulnerabilities","category-ce_listen","category-ce_read"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2026\/06\/Ivanti-Integrates-Ivanti-Neurons-Platform-with-Splunk-Security-Operations-Suite-to-Further-Enable-the-Self-Healing-Autonomous-Edge-1.jpg?fit=2300%2C1300&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9120"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=9120"}],"version-history":[{"count":1,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9120\/revisions"}],"predecessor-version":[{"id":9123,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9120\/revisions\/9123"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/9121"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=9120"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=9120"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=9120"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}