Tag: russia
-
‘BlackSanta’ EDR Killer Targets HR Workflows
A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/blacksanta-edr-killer-hr-workflows
-
Finnish intelligence warns of persistent cyber espionage from Russia, China
Cyberespionage remains the country’s most significant digital threat, with attackers targeting government systems, research institutions and companies developing advanced technologies, according to a new intel report. First seen on therecord.media Jump to article: therecord.media/finnish-intel-warns-espionage-china-russia
-
Fake job applications pack malware that kills EDR before stealing data
Russian-speaking attackers lure HR staff into downloading ISO files that disable defenses First seen on theregister.com Jump to article: www.theregister.com/2026/03/10/malware_targeting_hr/
-
Russian military hackers revive advanced malware to spy on Ukraine, researchers say
Russian state hacker group APT28 has revived a sophisticated cyber-espionage toolkit to spy on Ukrainian targets, including military personnel, according to a report published Tuesday by cybersecurity firm ESET. First seen on therecord.media Jump to article: therecord.media/russia-apt-28-revives-malware-to-spy-on-ukraine
-
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long”‘term surveillance of Ukrainian military personnel.The two malware families have been put to use since April 2024, ESET said in a new report shared with The Hacker News.APT28, also tracked as Blue Athena,…
-
Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials
Dutch intelligence reveals Russian state hackers are trying to hijack the Signal and WhatsApp accounts of key targets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-hackers-target-military/
-
APT28 hackers deploy customized variant of Covenant open-source tool
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apt28-hackers-deploy-customized-variant-of-covenant-open-source-tool/
-
iPhone Hacking Toolkit Tied to Russian Espionage May Have Originated in the U.S.
A highly advanced iPhone hacking toolkit, originally developed for Western intelligence agencies, has leaked into the hands of Russian spies and Chinese cybercriminals. The exploit framework, known internally as >>Coruna,<< was likely created by Trenchant, the hacking and surveillance division of U.S. defense contractor L3Harris. This major breach demonstrates how strictly controlled military cyber weapons…
-
An iPhone-hacking toolkit used by Russian spies likely came from U.S military contractor
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/
-
Dutch Intel Warns of Russian Hackers Hijacking Signal, WhatsApp Attacks
Dutch intelligence warns Russian hackers are hijacking Signal and WhatsApp accounts using fake support bots and verification code scams targeting officials and journalists. First seen on hackread.com Jump to article: hackread.com/dutch-intel-russia-hackers-hijack-signal-whatsapp-attacks/
-
Dutch govt warns of Signal, WhatsApp account hijacking attacks
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dutch-govt-warns-of-signal-whatsapp-account-hijacking-attacks/
-
X suspends 800m accounts in one year amid ‘massive’ scale of manipulation attempts
Social media company tells MPs of continual fight against state-backed efforts, with Russia being most prolificElon Musk’s X said it had suspended 800m accounts over a 12-month period as it fights the “massive” scale of attempts to manipulate the platform.The social media company told MPs it was continually fighting state-backed attempts to hijack the agenda…
-
Russian government hackers targeting Signal and WhatsApp users, Dutch spies warn
Dutch intelligence is accusing Russia-backed hackers of running a “large-scale global” hacking campaign against Signal and WhatsApp users. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/russian-government-hackers-targeting-signal-and-whatsapp-users-dutch-spies-warn/
-
Russia-linked hackers target Signal, WhatsApp of officials globally
Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military officials worldwide, warns Dutch intelligence. Dutch intelligence agencies (MIVD and AIVD) warn of a global campaign by Russia-linked threat actors aiming to compromise Signal and WhatsApp accounts. The operation targets government officials, civil servants, and military personnel, highlighting growing cyber risks to sensitive…
-
Kremlin hackers attempting to compromise Signal, WhatsApp accounts globally
Russian state hackers are carrying out a global campaign to compromise Signal and WhatsApp accounts belonging to government officials and military personnel, Dutch intelligence warned Monday. First seen on therecord.media Jump to article: therecord.media/russian-hackers-target-signal-whatsapp-warn-dutch-intelligence-agencies
-
Russian hackers crack into officials’ Signal and WhatsApp accounts
Russian state hackers are trying to break into Signal and WhatsApp accounts used by diplomats, military staff, and government officials worldwide, Dutch intelligence agencies … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/09/signal-whatsapp-accounts-russian-hackers/
-
Russian cybercrims phish their way into officials’ Signal and WhatsApp accounts
Dutch spies flag large-scale campaign to hijack secure messaging accounts First seen on theregister.com Jump to article: www.theregister.com/2026/03/09/dutch_spies_say_russian_cybercrims/
-
5 Actions Critical for Cybersecurity Leadership During International Conflicts
Tags: attack, backup, business, cloud, corporate, cyber, cybersecurity, data, exploit, government, incident response, infrastructure, international, iran, middle-east, military, network, resilience, risk, risk-assessment, russia, saas, service, supply-chain, technology, threat, ukraine, update, vulnerability, warfareThe recent military attacks involving Iran in the Middle East are a stark reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness. Every crisis that elevates to military engagements between cyber-active participants, changes the risk landscape of businesses, for people, operations, and data. This includes the…
-
Spyware Makers Topped Google’s List of Zero-Day Exploits for the First Time in 2025
For the first time, spyware makers topped Google’s list of organizations that exploited zero-day flaws in 2025, overtaking nation-state actors from China, Russia, and elsewhere and continuing a trends that Google researchers warned about two years ago. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/spyware-makers-in-2025-for-the-first-time-topped-googles-lists-of-zero-day-exploits/
-
Spyware Makers in 2025 for the First Time Topped Google’s Lists of Zero-Day Exploits
For the first time, spyware makers topped Google’s list of organizations that exploited zero-day flaws in 2025, overtaking nation-state actors from China, Russia, and elsewhere and continuing a trends that Google researchers warned about two years ago. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/spyware-makers-in-2025-for-the-first-time-topped-googles-lists-of-zero-day-exploits/
-
From Ukraine to Iran, Hacking Security Cameras Is Now Part of War’s ‘Playbook’
New research shows hundreds of attempts by apparent Iranian state hackers to hijack consumer-grade cameras, timed to missile and drone strikes. Israel, Russia, and Ukraine have also adopted this trick. First seen on wired.com Jump to article: www.wired.com/story/from-ukraine-to-iran-hacking-security-cameras-is-now-part-of-wars-playbook/
-
Zero-day exploits hit enterprises faster and harder
Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-dayEnterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…
-
Phobos Ransomware admin faces up to 20 years after guilty plea
Russian national Evgenii Ptitsyn (43) pleaded guilty in the U.S. for his role in the Phobos ransomware operation. Russian national Evgenii Ptitsyn pleaded guilty in the US to wire fraud conspiracy for his role in the Phobos ransomware scheme. The man was arrested in South Korea in 2024 and extradited to the United States. He…
-
Ukrainian women fleeing war exploited in multimillion-dollar gambling fraud scheme
A criminal network in Spain exploited dozens of Ukrainian women displaced by Russia’s war to carry out a multimillion-dollar fraud gambling scheme, Europol said Thursday. First seen on therecord.media Jump to article: therecord.media/Ukraine-women-Spanish-gambling-ring
-
Phobos ransomware leader pleads guilty, faces up to 20 years in prison
The 43-year-old Russian national ran a ransomware operation that impacted more than 1,000 victims globally. The conspiracy netted more than $39 million in extortion payments. First seen on cyberscoop.com Jump to article: cyberscoop.com/phobos-ransomware-leader-guilty/
-
Cryptohack Roundup: Ariomex Leak Flags Iran Sanction Risks
Also: US’ Multi-Million Dollar Scam Funds Seizure. Iran exchange leak raises sanctions risks, $580M frozen in scam crackdown, $61M romance scam funds seized, feds seek $327K in dating scam case, Russia exploit broker sanctioned, South Korean wallet recovery phrase exposure and arrest in custody bitcoin theft, Axiom data misuse and Uniswap lawsuit ends. First seen…
-
Russian APT targets Ukraine with BadPaw and MeowMeow malware
Researchers uncovered a Russian campaign targeting Ukrainian entities with new malware families BadPaw and MeowMeow delivered through phishing emails. Researchers reported a phishing campaign linked to Russia that targets Ukrainian organizations using two new malware families, BadPaw and MeowMeow. The attack chain begins with a phishing email carrying a link to a ZIP archive. When…
-
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow.”The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border…
-
Phobos ransomware admin pleads guilty to wire fraud conspiracy
A Russian national pleaded guilty to a wire fraud conspiracy charge related to his role in administering the Phobos ransomware operation, which breached hundreds of victims worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phobos-ransomware-admin-pleads-guilty-to-wire-fraud-conspiracy/

