The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025.The large-scale exploitation campaign has been codenamed
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/04/russian-state-linked-apt28-exploits.html
