Critical

Senegal shuts National ID office after ransomware attack

Security Affairs
Actively Exploited

Overview

Senegal's national ID card office has shut down following a ransomware attack that disrupted essential services, including the issuance of ID cards, passports, and management of biometric data. The attack targeted the Directorate of File Automation, the government agency responsible for these services. In response, authorities have temporarily closed the office to mitigate the situation and prevent further issues. The incident raises concerns about the security of sensitive personal data and the impact on citizens who rely on these services for identification and travel. As the investigation continues, officials are working to determine the extent of the breach and how to prevent similar attacks in the future.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: National ID cards, passports, biometric data services
  • Action Required: Temporarily closed the national ID office to contain the incident.
  • Timeline: Ongoing since the ransomware attack occurred

Original Article Summary

Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned […]

Impact

National ID cards, passports, biometric data services

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since the ransomware attack occurred

Remediation

Temporarily closed the national ID office to contain the incident

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Ransomware.

Related Coverage

Old UEFI Shims Expose Systems to Secure Boot Bypass

SecurityWeek

Researchers have identified vulnerabilities in older UEFI shim bootloaders signed by Microsoft, which could allow attackers to bypass Secure Boot protections on affected systems. This issue is significant because it affects a wide range of devices, regardless of the operating system they run. Essentially, if a device uses these outdated bootloaders, it may be at risk of being compromised. The implications are serious, as Secure Boot is designed to ensure that only trusted software runs during the system's startup process. Users and organizations should review their systems for these vulnerabilities and take appropriate action to mitigate the risks.

Jul 16, 2026

Zoom Patches Critical Windows Flaw That Could Enable Account Takeover

The Hacker News

Zoom has addressed a serious security flaw in its Windows applications that could allow attackers to take over user accounts. This vulnerability, identified as CVE-2026-53412, has a high severity score of 9.8, indicating its potential impact. The flaw affects several Zoom products, including the Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. Users of these applications are at risk, making it crucial for them to apply the necessary updates. By patching this vulnerability, Zoom aims to protect its users from unauthorized access and potential misuse of their accounts.

Jul 16, 2026

Police Disrupt a €140M Cyber Fraud Ring in Spain

darkreading

Spanish police have dismantled a cyber fraud ring responsible for a staggering €140 million in various scams. The group, comprised of Iberian hackers, executed multiple cyberattacks and used intricate financial networks to launder their stolen profits. This operation not only highlights the persistent threat of organized cybercrime but also raises concerns about the effectiveness of current cybersecurity measures. Authorities are urging businesses and individuals to remain vigilant against such sophisticated schemes. The crackdown serves as a reminder of the ongoing battle between law enforcement and cybercriminals, emphasizing the need for improved defenses in the digital realm.

Jul 16, 2026

Nightmare Eclipse Drops ‘LegacyHive’ Windows Zero-Day

SecurityWeek

A new zero-day vulnerability in Windows, dubbed 'LegacyHive', has been disclosed by a researcher known as Nightmare Eclipse. To mitigate the risk of immediate exploitation, the researcher has stripped the proof-of-concept exploit from public access. This vulnerability could potentially allow attackers to execute arbitrary code on affected systems, putting users and organizations at risk. Windows users and administrators should be particularly vigilant as they await further details and patches. The situation is evolving, and users are advised to stay updated on any security advisories related to this vulnerability.

Jul 16, 2026

Trend Micro, Tanium, ESET and Tenable Patch Severe Product Vulnerabilities

SecurityWeek

Trend Micro, Tanium, ESET, and Tenable have released patches to address several severe vulnerabilities in their cybersecurity products. These vulnerabilities, classified as critical and high-severity, could potentially allow attackers to exploit systems running these affected products. Users of these software solutions should prioritize applying the updates to protect against possible intrusions. The timely patching is crucial as it helps prevent attackers from taking advantage of these security flaws. Organizations using these products should ensure their systems are updated to the latest versions to maintain security.

Jul 16, 2026

What public money does to open-source projects

Help Net Security

Open-source software plays a crucial role in the infrastructure of many companies, with about 96 percent of codebases incorporating it. This reliance became evident with high-profile vulnerabilities like the log4j flaw in December 2021, which affected a wide range of applications, from social media platforms to gaming software. More recently, the xz utils backdoor discovered in 2024 has further emphasized the security risks associated with open-source projects. These incidents raise concerns about the stability and security of software that many organizations depend on but do not financially support. As open-source projects often rely on volunteer contributions, the need for dedicated funding and resources to maintain and secure these projects is becoming increasingly critical.

Jul 16, 2026