Key Takeaways

- Two US Army websites focused on AI integration were defaced with pro-Kurdish and anti-Trump messages
- The hackers modified error pages rather than main content, suggesting limited access to Army servers
- This incident follows a pattern of increased hacktivist attacks on federal government infrastructure in 2024-2025
Hacktivists defaced two US Army websites with pro-Kurdish messages and accusations against President Donald Trump. Security researcher Ronald Lovelace discovered the modified error pages on the Army's Open Innovation Lab and AI Integration Center, both of which test emerging technologies including AI. The Army took the pages down after Cyberscoop reported the defacements on Monday.
The attackers altered the 404 error pages, not the main sites. Visitors who navigated to non-existent URLs would see messages calling Trump a "pedophile" and "thief," a reference to his appearance in Justice Department files related to Jeffrey Epstein. The messages also mentioned Tom Barrack, the US ambassador to Turkey, and called for a "free Kurdistan."
How did the hackers get in?
The Army has not disclosed the attack vector. Both affected sites run on WordPress and use several plugins, a common target for hackers looking to exploit outdated or vulnerable components. The fact that only error pages were modified suggests the attackers had limited access. They changed what they could reach rather than penetrating deeper systems.
Error page defacements are a known technique in hacktivism. They require less access than modifying primary content and can persist unnoticed for longer since administrators rarely monitor 404 pages. The pro-Kurdish messaging points to groups like KurdishCyberTeam, which has historically targeted government sites to draw attention to US policy in Syria and Turkey.
Whether any data was stolen remains unclear. The Army is investigating. A Department of Defense spokesperson did not respond to requests for comment.
Federal systems under pressure
This is not an isolated incident. Earlier this year, hacktivists breached the Department of Homeland Security and published records on contracts used by ICE for deportation operations. This week, DHS confirmed another breach of an intelligence-sharing platform used by state, local, and federal authorities.
Government websites saw roughly 2,365 defacements globally in 2024, according to Zone-H archives. Mandiant's 2024 threat report noted a 45% increase in hacktivist activity targeting government sites since 2022, driven largely by geopolitical conflicts in Ukraine, the Middle East, and disputes over US foreign policy.
The federal cybersecurity budget hit $10.5 billion for FY2024. Yet the persistence of low-sophistication attacks, like modifying WordPress error pages, shows gaps between spending and basic hygiene. Plugin vulnerabilities, unpatched CMS installations, and misconfigured servers remain entry points.
What does this mean for enterprise security teams?
If the US Army can't secure its WordPress sites, the lesson for enterprise teams is uncomfortable: CMS security is nobody's priority until it becomes a PR problem. Error pages, staging environments, and forgotten subdomains are low-hanging fruit. Attackers know this.
The fix is boring but effective. Audit all public-facing properties, including test environments. Inventory every plugin and enforce automatic updates. Monitor for unauthorized file changes, including in template directories. The Army's Open Innovation Lab was built to explore emerging tech. Its compromise came through years-old attack patterns.
Logicity's Take
The technical sophistication here is low. Defacing error pages on WordPress sites is not advanced tradecraft. But the visibility is high, and that's the point. Hacktivists aren't trying to steal data or deploy ransomware. They want attention, and they got it. For CTOs running any public-facing CMS, the takeaway is to treat staging, test, and error templates as production assets. Tools like Cloudflare or Sucuri can detect file changes in real time. If you're still running manual plugin updates on a quarterly cycle, you're the target.
Explores how AI-focused infrastructure creates new attack surfaces
Frequently Asked Questions
Which US Army websites were hacked?
The Open Innovation Lab and AI Integration Center, both used for testing and integrating AI and emerging technologies into Army systems.
What messages did the hacktivists post?
The defaced error pages contained accusations against President Trump, references to Jeffrey Epstein files, criticism of US Ambassador Tom Barrack, and calls for a free Kurdistan.
Was any data stolen in the Army website breach?
The Army has not confirmed whether data was exfiltrated. The investigation is ongoing.
How did hackers access the Army websites?
The attack vector has not been disclosed. Both sites run WordPress with multiple plugins, a common target for exploitation.
Who is behind the US Army website defacement?
The attackers have not been identified. The pro-Kurdish messaging suggests possible ties to hacktivist groups that have previously targeted government sites over US foreign policy.
Need Help Implementing This?
If your organization needs to audit its public-facing CMS properties or strengthen website security posture, contact the Logicity team for recommendations on managed security tools and monitoring services.
Source: TechCrunch / Zack Whittaker
Huma Shazia
Senior AI & Tech Writer
Produced with AI assistance and reviewed by the Logicity editorial team. Learn more in our Editorial Policy.
Related Articles
Browse all
AI Revolution: How Tech is Transforming the World, One Industry at a Time
From desalination plants in Iran to AI-powered manufacturing, the tech world is abuzz with innovation. Discover how AI is changing the game for small entrepreneurs and what it means for the future of industry. Explore the latest developments in cybersecurity, robotics, and more.

Revolutionizing AI: The Game-Changing Tech That's Making Agents Smarter
A new technology is set to revolutionize the way AI agents learn and adapt, enabling them to accumulate wisdom and apply it to new situations. This innovation has the potential to significantly boost the reliability of AI agents, especially in complex tasks. By converting raw agent trajectories into reusable guidelines, this tech is poised to transform the AI landscape.

The Dark Side of AI: How Bots Are Fueling a Monetized Abuse Ecosystem
A recent analysis of 2.8 million Telegram messages reveals a shocking truth: AI-powered bots are being used to create and sell non-consensual intimate images. These bots can turn ordinary photos into synthetic nude images, and the abuse is being monetized through affiliate programs and subscription-based archives. The researchers behind the study are calling for stricter regulations to combat this growing problem.

AI's Secret Sauce: How Journalism Became the Unlikely Ingredient
A recent study reveals that AI chatbots rely heavily on journalistic sources for their quotes, with one in four coming from news outlets. This shocking discovery has significant implications for the media industry and our understanding of AI's information gathering processes. As AI technology continues to evolve, it's essential to consider the role of journalism in shaping its responses.

