
Two U.S. Army websites were defaced by hacktivists who plastered them with political messages targeting President Donald Trump and calling for a free Kurdistan. The Army has since taken the pages down, but the incident adds to a growing list of government systems compromised in recent months.
According to TechCrunch, security researcher Ronald Lovelace first flagged the defacements to Cyberscoop, which broke the story. The sites hit were the Army’s Open Innovation Lab and AI Integration Center, two platforms focused on testing and integrating AI and other technology into military systems.
The Army did not explain how the error pages were changed. Both websites appear to run on WordPress, which relies on third-party plug-ins that hackers often target to break into sites. It is also unclear whether any data was stolen during the attack.
The defaced content appeared on custom error pages, the kind that load when someone tries to visit a URL that does not exist on a site. Those pages had been altered to display messages calling Trump a “pedophile” and a “thief,” which likely refers to his extensive mention in Justice Department files related to the late financier and convicted sex offender Jeffrey Epstein. The messages also named Tom Barrack, the current U.S. ambassador to Turkey, and included a call for Kurdish independence.
The defacements were still visible as of Monday. Cyberscoop contacted the Army, which pulled the pages down shortly after. The Army said it was investigating the incident. A spokesperson for the Department of Defense did not respond to TechCrunch’s request for comment.
Hacktivism of this kind is not new. Groups motivated by political causes often target government websites to spread a message, and while defacements are typically less destructive than data theft or ransomware attacks, they are not always harmless. Earlier this year, hacktivists targeted the U.S. Department of Homeland Security and released a large volume of records on contracts used by immigration authorities, including ICE, to carry out deportations.
The timing matters here. This week, the Department of Homeland Security confirmed a separate breach in which hackers broke into one of its intelligence-sharing platforms used to pass information between state, local, and federal authorities. That is a more serious incident, but together these attacks point to a pattern: U.S. government websites and systems are being hit repeatedly, and not always by sophisticated state-sponsored actors. Some of it is straightforward political protest carried out through basic web vulnerabilities.
The fact that Army websites running on WordPress with unpatched plug-ins could be modified this way raises real questions about how well basic security hygiene is being maintained across federal infrastructure. These were not deeply sensitive systems, but they carry the Army’s name and credibility, which is exactly what hacktivists are counting on.