Cyber·Monitoring
Shai-Hulud Supply-Chain Attack Trojanizes 19 PyPI Packages
PyPI repository (global online service)· Global4 Jun
5 reportsPROPCYCAS
MediumAI Refreshed
ClosedMedium impactAI Generated
Netherlands FIOD Seizes 800 Servers of Bulletproof Hosting Firm Enabling Cyberattacks
Occurred 22 May 2026·Detected 22 May 2026·
🇳🇱 Netherlands (likely Amsterdam or major Dutch data center hub); precise seizure location unspecified1 reportEnded 29 May 2026
CyberPolitical RiskPolitical Risk
Dutch financial crime investigators (FIOD) arrested two individuals and seized 800 servers belonging to a bulletproof hosting company that facilitated cyberattacks, interference operations, and disinformation campaigns. The operation disrupts infrastructure-as-a-service for malicious actors globally.
AI-generated from linked source reports. See our correction policy.
Impact verdict
Medium impact. The seizure disrupts a significant node of malicious hosting infrastructure, reducing near-term cyberattack capacity for dependent threat actors. However, bulletproof hosting markets are resilient and actors typically migrate. The arrest of two individuals and seizure of 800 servers represents a meaningful but not systemic disruption. Downstream clients of the hosting service across multiple countries may face exposure if their identities are revealed through server forensics.
View assessment methodologyHow we grade what we know -- Known · Reported · Uncertain. Methodology →
Affected countries
🇳🇱 Netherlands
Timeline
Status Change2 Jun 2026, 13:05
Lifecycle changed
monitoring → closed
Closure2 Jun 2026, 13:05
Event Closed
auto_closed_monitoring_timeout
Status Change29 May 2026, 05:30
Status changed to monitoring
Auto-transitioned: no updates for 6 hours
active → monitoring
Status Change28 May 2026, 22:34
Status changed to active
evidence_trigger: authoritative_fast_track
signal → active
Initial Detection22 May 2026, 18:14
Initial Detection
Dutch financial crime investigators (FIOD) arrested two individuals and seized 800 servers belonging to a bulletproof hosting company that facilitated cyberattacks, interference operations, and disinformation campaigns. The operation disrupts infrastructure-as-a-service for malicious actors globally.
Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, and disinformation campaigns.
Source: BleepingComputer (Trade Media) · View source
Lloyd's classifications
Tracking this kind of risk? Get an email when Cyber events escalate.
Get alerts