-
UK ties GRU to stealthy Microsoft 365 credential-stealing malware
The UK National Cyber Security Centre (NCSC) has formally attributed 'Authentic Antics' espionage malware attacks to APT28 (Fancy Bear), threat actor already linked to Russia's military intelligence service (GRU).
- July 18, 2025
- 03:39 PM
0
-
LameHug malware uses AI LLM to craft Windows data-theft commands in real-time
A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems.
- July 17, 2025
- 02:57 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent.
- June 23, 2025
- 06:14 PM
- 0
-
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine.
- May 21, 2025
- 05:21 PM
- 0
-
Government webmail hacked via XSS bugs in global spy campaign
Hackers are running a worldwide cyberespionage campaign dubbed 'RoundPress,' leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations.
- May 15, 2025
- 03:14 PM
- 2
-
France ties Russian APT28 hackers to 12 cyberattacks on French orgs
Today, the French foreign ministry blamed the APT28 hacking group linked to Russia's military intelligence service (GRU) for targeting or breaching a dozen French entities over the last four years.
- April 29, 2025
- 02:57 PM
- 0
-
State-sponsored hackers embrace ClickFix social engineering tactic
ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia utilizing the tactic to breach networks.
- April 20, 2025
- 10:14 AM
- 0
-
Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'
Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack."
- November 22, 2024
- 02:33 PM
- 1
-
Poland says Russian military hackers target its govt networks
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
- May 09, 2024
- 07:14 PM
- 1
-
NATO and EU condemn Russia's cyberattacks against Germany, Czechia
NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28.
- May 03, 2024
- 11:47 AM
- 4
-
Microsoft: APT28 hackers exploit Windows flaw reported by NSA
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg.
- April 22, 2024
- 01:22 PM
- 0
-
Russian hackers hijack Ubiquiti routers to launch stealthy attacks
Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners.
- February 27, 2024
- 12:25 PM
- 0
-
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks.
- February 15, 2024
- 01:00 PM
- 3
-
Russian military hackers target Ukraine with new MASEPIE malware
Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.
- December 28, 2023
- 12:43 PM
- 0
-
Russian military hackers target NATO fast reaction corps
Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps.
- December 07, 2023
- 05:20 PM
- 0
-
Russian hackers exploiting Outlook bug to hijack Exchange accounts
Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka "Fancybear" or "Strontium") actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information.
- December 04, 2023
- 03:14 PM
- 0
-
France says Russian state hackers breached numerous critical networks
The Russian APT28 hacking group (aka 'Strontium' or 'Fancy Bear') has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021.
- October 26, 2023
- 12:40 PM
- 0
-
Google links WinRAR exploitation to Russian, Chinese state hackers
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems.
- October 18, 2023
- 11:00 AM
- 0
-
CISA orders govt agencies to patch bugs exploited by Russian hackers
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six more security flaws to its known exploited vulnerabilities (KEV) list.
- June 22, 2023
- 03:04 PM
- 0
-
Russian APT28 hackers breach Ukrainian govt email servers
A threat group tracked as APT28 and linked to Russia's General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities.
- June 20, 2023
- 09:00 AM
- 0
