The Coordination Center for Prisoners of War Issues, part of the Main Intelligence Directorate of Ukraine’s Ministry of Defense, reported a cyber incident affecting its information resources. The notice was posted on the center’s Facebook presence, a platform whose parent company has faced bans in Russia due to policy disputes.
The organization stated that a Distributed Denial of Service (DDoS) attack had targeted its information resources today. The disruption affected certain functions and access to resources, with officials noting that security considerations require a temporary reduction in service availability.
The statement from the headquarters indicated that access to some features would be limited for a period as measures were taken to safeguard operations and protect sensitive data. The wording suggested a planned, temporary constraint rather than a full system shutdown, emphasizing resilience and ongoing mitigation efforts.
Earlier reports indicated that Ukrainian Armed Forces personnel saw attempts by Russian actors to compromise messaging accounts on Telegram and WhatsApp, despite the use of end-to-end encryption. These claims highlighted concerns about account security and the ongoing cat-and-mouse dynamic in military communications under threat environments. The focus remained on safeguarding personnel and information while maintaining secure channels where possible.
Unauthorized disclosures have, in some cases, surfaced information about allied military and intelligence facilities. A widely cited report by a British publication described attempts to disseminate thousands of pages of data online that could enable unauthorized access to critical sites, such as a naval base and chemical weapons research facilities, as well as a central government communications hub. The publication underscored the potential risk to national security if such material were misused, and it called for heightened vigilance by security and defense communities. Attribution for the breach was provided by the reporting outlet, cautioning readers about the sensitivity of the data involved. (Source attribution: Mirror)
In another development, a cyber group identified as RaHDit claimed responsibility for exposing a network of Telegram channels that presented themselves as pro-Russian but were linked to Ukrainian intelligence. Analysts noted that the channels used misleading branding to influence readers and steer discussions, illustrating the blurred lines that sometimes occur in information operations conducted online. The incident raised questions about how intelligence entities manage visibility and credibility across social platforms, as well as how adversaries exploit legitimate channels for misdirection. Attribution for this claim was noted by the reporting party. (Source attribution: RaHDit disclosures)
Earlier disclosures also involved a pair of Siberian individuals who allegedly worked for Ukrainian intelligence, according to state security sources. The reporting suggested a cross-border dimension to cyber operations, as well as the ongoing collaboration between different agencies to counter espionage activities. The narrative reinforced the importance of rigorous vetting, secure communications, and robust cyber defenses in the face of persistent threats from hostile actors. Attribution for the identification of these individuals was provided by the security authorities cited in the coverage. (Source attribution: FSB reports)