Full Report
The Gulf of Aden and other waters around the Horn of Africa are seeing an increase in maritime attacks. Since late April, Somali pirates have been attacking and seizing vessels at a rate not seen since 2011, when piracy in the region was at its peak. The United Kingdom Maritime Trade Operations (UKMTO) Centre, which offers a…
Analysis Summary
# Morning News Roll-up June 22, 2026
## Overview
Today's report highlights a significant resurgence in maritime piracy in the Gulf of Aden, reaching levels not seen in over a decade. Additionally, technical threats include a major supply chain compromise targeting the npm ecosystem and high-profile extortion attempts against healthcare-related data sets.
## Top Stories
### Resurgence of Somali Piracy in Gulf of Aden
- Summary: Somali pirates have increased attacks and vessel seizures since late April 2024, mirroring 2011 peak activity. These traditional piracy tactics (skiffs and small arms) are occurring alongside more advanced Houthi drone and missile strikes in the same region.
- Source: hxxps://threatbeat[.]com/attacks-and-incidents/pirate-attacks-on-ships-in-the-gulf-of-aden-are-on-the-rise/
### Mastra npm Supply Chain Compromise by Sapphire Sleet
- Summary: A sophisticated supply chain attack involving the Mastra npm package has been identified. The threat actor, Sapphire Sleet, utilized malicious postinstall payloads to compromise developer environments.
- Source: hxxps://threatbeat[.]com/threats/from-package-to-postinstall-payload-inside-the-mastra-npm-supply-chain-compromise-by-sapphire-sleet/
### ShinyHunters Extortion of Amazon One Medical Records
- Summary: The threat group ShinyHunters is allegedly threatening to leak sensitive medical records associated with Amazon One. This follows a pattern of high-stakes data theft and extortion targeting critical infrastructure and healthcare platforms.
- Source: hxxps://threatbeat[.]com/attacks-and-incidents/shinyhunters-threatens-to-leak-amazon-one-medical-records/
---
# Pirate attacks on ships in the Gulf of Aden are on the rise
## Key Points
- **Historical Resurgence**: Pirate activity around the Horn of Africa and the Somali Basin has reached a frequency not seen since 2011.
- **Alert Frequency**: The UKMTO issued four warnings in the Somali Basin in April and eight warnings in the Gulf of Aden across May and June.
- **Strategic Overlap**: While Houthi rebels utilize drones and missiles in the Red Sea, Somali pirates are operating closer to the Yemeni coast using traditional boarding tactics.
- **Active Crisis**: As of mid-June, at least three vessels seized between April 21 and May 2 remain in pirate custody.
## Threat Actors
- **Somali Pirates**: Local maritime gangs operating primarily out of the Somali Basin and Somali pirate areas of activity.
- **Houthi Rebels (Contextual)**: Iran-backed group mentioned for their distinct TTPs (drones/missiles) in the same geographic theatre.
## TTPs
- **Small Boat Operations**: Use of high-speed skiffs to approach commercial vessels.
- **Boarding and Seizure**: Forceful hijacking of ships for ransom or cargo.
- **Small Arms Fire**: Firing upon commercial vessels to compel them to stop.
- **Geographic Exploitation**: Operating off the anti-Houthi government-controlled coast of Yemen to avoid conflict with regional military forces.
## Affected Systems
- **Commercial Shipping Vessels**: Bulk carriers and tankers navigating the Gulf of Aden and Somali Basin.
- **Maritime Communication Systems**: Reliance on UKMTO monitoring and alert services.
- **Supply Chains**: Disruption of international trade routes through the Horn of Africa.
## Mitigations
- **UKMTO Monitoring**: Commercial vessels are advised to register with and monitor the United Kingdom Maritime Trade Operations (UKMTO) Centre.
- **Enhanced Lookouts**: Implementation of Best Management Practices (BMP5) including increased deck watches and physical barriers.
- **Advisory Compliance**: Adherence to Joint Maritime Information Center (JMIC) advisory notes regarding current "danger zones."
- **Armed Security**: Use of Vessel Management Services and potentially Private Contracted Armed Security Personnel (PCASP).
## Conclusion
The maritime threat landscape in the Gulf of Aden has shifted from purely geopolitical (Houthi-led) to include a resurgent criminal element (Somali piracy). Shipping companies must recognize that traditional piracy tactics are once again a primary threat. It is recommended that all vessels transiting the Somali Basin implement high-level security protocols and maintain constant communication with maritime trade centers to mitigate the risk of seizure.