Stories from the history of cyber attacks. Lessons for the future.

The internet runs on trust.

Every day, billions of systems exchange data, process transactions, and store information we depend on. But history has shown how fragile that trust can be.

A missed patch.
A stolen credential.
A vulnerability no one noticed.

Chronicles of Compromise documents the cyber attacks that exposed those weaknesses. Each story explores the timeline, the techniques, and the people behind some of the most significant breaches in modern history.

Understanding how these attacks happened is more than curiosity.

It’s how we learn to stop the next one.

  • “The Bandwidth Wars” – The Flood No One Could See
    On February 28, 2018, GitHub was hit by a DDoS attack that peaked at 1.35 terabits per second. The attackers sent small UDP requests, with GitHub's address forged as the source, to Memcached servers left exposed on the internet; each server answered GitHub with a response tens of thousands of times larger than the request. Within about ten minutes GitHub had rerouted its traffic through a scrubbing provider and the attack was absorbed. In February 2020, AWS reported mitigating an even larger 2.3 terabit-per-second attack, a sign of how both attack volumes and the defenses against infrastructure disruption have evolved.
  • The XZ Utils Backdoor (2024)
    In March 2024, a backdoor was discovered in XZ Utils, the compression library (liblzma) shipped by nearly every Linux distribution. The attacker had spent more than two years building a reputation as a trusted contributor, then used that position to slip malicious code into the release tarballs for versions 5.6.0 and 5.6.1. On affected systems the backdoor hooked into OpenSSH's authentication path, giving the holder of a specific private key a way to run commands on any reachable server. It was caught before reaching most stable distributions, but the operation shows how patient supply chain attackers can be and why vigilance in software maintenance matters.
  • SolarWinds Supply Chain Attack (2020)
    Beginning in March 2020, routine updates for SolarWinds' Orion platform carried a hidden implant, SUNBURST, signed with SolarWinds' own code-signing certificate. FireEye discovered it in December 2020 while investigating a breach of its own network. The campaign showed how a single trusted vendor can become the entry point to many networks: attackers linked to Russia's foreign intelligence service (SVR) used the implant to pick out high-value victims, including US government agencies, for follow-on espionage.
  • Stuxnet – When Code Crossed the Line into Physical Destruction
    Discovered in 2010, Stuxnet was the first widely known malware to cause physical damage. After spreading through Windows systems, it reprogrammed the Siemens PLCs controlling uranium-enrichment centrifuges at Iran's Natanz facility, driving them outside safe operating ranges while feeding operators normal-looking readings. Its sophistication marked a new era of cyber warfare, exposed how vulnerable industrial control systems are, and set a precedent that later conflicts would follow.
  • NotPetya: The Cyber Attack That Wasn’t Ransomware
    On June 27, 2017, NotPetya spread from Ukraine, seeded through a compromised update of the M.E.Doc accounting software and propagating inside networks with the EternalBlue exploit and stolen credentials. It displayed a ransom note but was built as a wiper: the boot record and file table it overwrote could not be recovered, whatever the victim paid. The attack disrupted multinational companies far beyond Ukraine and caused more than $10 billion in damage, and its origin in a trusted software update made it a supply chain lesson as much as a geopolitical one.
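The Memcached reflection described in "The Bandwidth Wars" leaves a distinctive signature in network flow data: UDP traffic whose source port is 11211 converging on one destination from many unrelated servers, in near-MTU-sized packets. The script below, an added example and not code from the original page or from GitHub, scans flow records for that pattern. The flow lines and their field layout (ts,src,sport,dst,dport,proto,bytes,pkts) are constructed for illustration and do not match any particular collector's export format; the thresholds are assumptions to tune for your own traffic.

```python
"""Flag likely Memcached reflection traffic in flow records.

Added example, not part of the original page. The flow lines below are
constructed for illustration; the field layout (ts,src,sport,dst,dport,
proto,bytes,pkts) is an assumption, not any real collector's format.
"""
from collections import defaultdict

MEMCACHED_PORT = 11211  # reflected responses come *from* this port on the open servers

# Constructed sample records: three exposed memcached servers all answering
# toward one host (the forged "source" of the attacker's requests), a legitimate
# client talking to its own cache, and unrelated TCP traffic.
SAMPLE_FLOWS = """\
ts,src,sport,dst,dport,proto,bytes,pkts
1519837200,203.0.113.10,11211,198.51.100.5,44321,UDP,1400000,1000
1519837200,203.0.113.11,11211,198.51.100.5,44321,UDP,1400000,1000
1519837201,203.0.113.12,11211,198.51.100.5,44321,UDP,1400000,1000
1519837201,192.0.2.7,11211,192.0.2.8,51000,UDP,2000,20
1519837202,192.0.2.9,443,198.51.100.5,50123,TCP,8000,10
"""


def parse_flows(text):
    """Parse the constructed CSV layout into a list of dicts with numeric fields."""
    lines = text.strip().splitlines()
    header = lines[0].split(",")
    flows = []
    for line in lines[1:]:
        rec = dict(zip(header, line.split(",")))
        for key in ("sport", "dport", "bytes", "pkts"):
            rec[key] = int(rec[key])
        flows.append(rec)
    return flows


def find_reflection_victims(flows, min_reflectors=3, min_bytes=1_000_000, min_avg_pkt=1000):
    """Group UDP flows sourced from port 11211 by destination.

    A destination hit by several distinct memcached servers at once, with a
    large byte volume and large average packet size, is being reflected at.
    A real client talks to one or two caches with small request/response pairs.
    Thresholds are assumptions; tune them to the traffic you actually see.
    """
    by_victim = defaultdict(lambda: {"reflectors": set(), "bytes": 0, "pkts": 0})
    for f in flows:
        if f["proto"] != "UDP" or f["sport"] != MEMCACHED_PORT:
            continue
        v = by_victim[f["dst"]]
        v["reflectors"].add(f["src"])
        v["bytes"] += f["bytes"]
        v["pkts"] += f["pkts"]

    alerts = []
    for dst, v in by_victim.items():
        avg_pkt = v["bytes"] / v["pkts"] if v["pkts"] else 0
        if (len(v["reflectors"]) >= min_reflectors
                and v["bytes"] >= min_bytes
                and avg_pkt >= min_avg_pkt):
            alerts.append({
                "victim": dst,
                "reflectors": sorted(v["reflectors"]),
                "bytes": v["bytes"],
                "avg_pkt": avg_pkt,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_reflection_victims(parse_flows(SAMPLE_FLOWS)):
        print(f"{alert['victim']}: {len(alert['reflectors'])} reflectors, "
              f"{alert['bytes']} bytes, avg packet {alert['avg_pkt']:.0f} B")
```

Run on the sample, the script reports 198.51.100.5 as the target of three reflectors while ignoring the single legitimate cache client. The list of reflector addresses is the useful output: those are the misconfigured servers to report to their owners. On the server side, the fix is to stop listening on UDP at all (memcached's `-U 0` option; upstream made UDP off by default in 1.5.6, released the day before the GitHub attack).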