Aviation Cybersecurity News
Our Team is on the lookout for threats every day, as we support our clients with their compliance.
Here we share with the rest of the community the latest news and information relevant to EASA Part-IS
Data Breach of Civil Aviation Authority of Papua New Guinea
Overview On 30 May 2025, a threat actor claimed to have exploited a SQL injection vulnerability in the Civil Aviation Authority of Papua New Guinea
Alleged Airport Code Database Leak on Dark Web
Overview On 22 June 2025, cyber threat researchers identified a claim by a group calling itself “Weewoo” that they had successfully exfiltrated and leaked data
Admin Access to Aviation Maintenance Firm Offered for Sale on Dark Web Targeted Exposure of Critical Aviation Infrastructure
Overview On 21 June 2025, our cyber threat monitoring team has flagged a dark web post advertising unauthorized admin access to a company operating in
Aerodreams Compromised by Handala Ransomware Group
Overview On 14 June 2025, the ransomware group Handala publicly claimed responsibility for a major breach of Aerodreams, an aviation company reportedly linked to drone
Ransomware attack on Business Aviation Operator
In early June 2025, a European business aviation provider was named by the Qilin ransomware group on a dark web leak site.
Cyprus Airways Data Breach
Data breach at Cyprus Airways exposes PNR and ticket data; claims of real-time access raise aviation cybersecurity and Part-IS compliance concerns.
Latest Resources Available
Part-IS Compliance Toolkit and Templates
Part-IS Compliance Toolkit
The Ultimate Solution for a Secure and Compliant ISMS with 80+ documents, with hundreds of pages of
- ISMS Documentation
- Risk Assessment Tools
- Organisation IT and Aviation policies
- Management guides
