HIGHRansomware
Verified
United States

Major US Airport Systems Hit by Coordinated Ransomware Attack

Thursday, February 26, 2026 at 06:00 AM UTC·Source: TSA / CISA

Updated: Friday, February 27, 2026 at 02:00 PM UTC

Executive Summary

Coordinated ransomware attack disrupts systems at four major US airports. Flight information, baggage handling, and check-in systems affected.

Analysis

A coordinated ransomware attack disrupted operations at four major US airports, affecting flight information displays, automated baggage handling, and self-service check-in kiosks. The attack is attributed to a ransomware affiliate exploiting a common vendor used by all four airports. TSA and CISA activated emergency response protocols. Manual backup procedures kept flights operational but caused significant delays. No impact to air traffic control or flight safety systems.

Timeline

Discovered
Feb 26, 2026
Exploitation Detected
Feb 26, 2026
Published
Feb 26, 2026
Source Attribution

Originally published by TSA / CISA on Feb 26, 2026. Verified by: TSA, CISA, FBI.

Related Threats

CRITICALRansomware

Cisco fixes critical IMC auth bypass present in many products

Cisco has released patches for a critical vulnerability in its out-of-band management solution, present in many of its servers and appliances. The flaw allows unauthenticated remote attackers to gain admin access to the Cisco Integrated Management Controller (IMC), which gives administrators remote control over servers even when the main OS is shut down. The vulnerability, tracked as CVE-2026-2009

CVE-2026-20093
CSO Online
HIGHRansomware

Akira ransomware group can achieve initial access to data encryption in less than an hour

A new report from Halcyon finds that the group also puts more effort than usual into developing working decryptors, likely to incentivize businesses to pay up. The post Akira ransomware group can achieve initial access to data encryption in less than an hour appeared first on CyberScoop .

CyberScoop
CRITICALRansomware

vSphere and BRICKSTORM Malware: A Defender's Guide

<div class="block-paragraph_advanced"><p>Written by: Stuart Carrera</p> <hr/></div> <div class="block-paragraph_advanced"><h3><span style="vertical-align: baseline;">Introduction</span><strong style="vertical-align: baseline;"> </strong></h3> <p><span style="vertical-align: baseline;">Building on </span><a href="https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign

CVE-2026-22769
Mandiant