Tag: russia
-
Everybody is WinRAR phishing, dropping RATs as fast as lightning
Russians, Chinese spies, run-of-the-mill crims … First seen on theregister.com Jump to article: www.theregister.com/2026/01/28/winrar_bug_under_attack/
-
Russian Cybercrime Platform RAMP Forum Seized by FBI
US authorities have seized the RAMP cybercrime forum, taking down both its clearnet and dark web domains in a major hit to the ransomware infrastructure. First seen on hackread.com Jump to article: hackread.com/russian-cybercrime-ramp-forum-seized-fbi/
-
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy First…
-
Russian Cybercrime Platform RAMP Forum Seized by Feds
US authorities have seized the RAMP cybercrime forum, taking down both its clearnet and dark web domains in a major hit to the ransomware infrastructure. First seen on hackread.com Jump to article: hackread.com/russian-cybercrime-ramp-forum-seized-feds/
-
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. “Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated First…
-
Russian security systems firm Delta hit by cyberattack, services disrupted
Building and car alarm systems managed by Russian company Delta have been disrupted by a cyberattack blamed on a “hostile foreign state.” First seen on therecord.media Jump to article: therecord.media/russia-delta-security-alarm-company-cyberattack
-
Poland Thwarts Russian Wiper Malware Attack on Power Plants
Poland blocked a Russian wiper malware attack on power and heating plants, officials say, avoiding outages during winter and prompting tighter cyber rules. First seen on hackread.com Jump to article: hackread.com/poland-thwarts-russian-wiper-malware-power-plants/
-
Sandworm Blamed for Wiper Attack on Poland Power Grid
Researchers attributed the failed attempt to the infamous Russian APT Sandworm, which is notorious for wiper attacks on critical infrastructure organizations. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
-
Wiper Malware Targeting Poland’s Power Grid Tied to Moscow
Signs Point to Long-Active ‘Sandworm’ Military Intelligence Hackers at Work. Russian cyberattacks in late December 2025 that attempted to disrupt Poland’s power grid have been attributed to Sandworm, the codename for an advanced persistent threat group tied to a Moscow military intelligence unit that repeatedly uses wiper malware, including in these attacks. First seen on…
-
Russian state hackers likely behind wiper malware attack on Poland’s power grid
A major cyberattack that nearly cut electricity to half-a-million people in Poland last year was reportedly carried out by the Russia-linked hacking group Sandworm, which likely attempted to knock out systems using wiper malware. First seen on therecord.media Jump to article: therecord.media/russia-eset-sandworm-poland-hack
-
New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URL
A dangerous new malware toolkit is being sold on Russian cybercrime forums that can redirect victims to fake websites while keeping the real domain name visible in their browser’s address bar. The toolkit, called Stanley, costs between $2,000 and $6,000 and comes with a guarantee that it will pass Google’s Chrome Web Store review process.…
-
Poland repels data-wiping malware attack on energy systems
Suspected Russian cyber attackers tried to take down parts of Poland’s energy infrastructure with new data-wiping malware and failed. According to information shared … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/26/poland-energy-malware-attack/
-
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process. First seen on hackread.com Jump to article: hackread.com/stanley-toolkit-russia-forum-fakes-chrome-urls/
-
Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
A destructive cyber attack targeting Poland’s energy sector has been linked to Russian APT group Sandworm. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/wiper-attack-polish-power-grid/
-
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
Tags: ai, backdoor, blockchain, hacker, india, intelligence, korea, malware, north-korea, phishing, powershell, russia, threat, tool, ukraine. The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary’s expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check…
-
Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid
Russia-linked APT Sandworm launched what was described as the largest cyber attack on Poland’s power grid in Dec 2025. ESET linked a late-2025 cyberattack on Poland’s energy system to the Russia-linked Sandworm APT. “Based on our analysis of the malware and associated TTPs, we attribute the attack to the Russia-aligned Sandworm APT with medium confidence due to…
-
Sandworm hackers linked to failed wiper attack on Poland’s energy systems
A cyberattack targeting Poland’s power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a new destructive data-wiping malware dubbed DynoWiper during the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sandworm-hackers-linked-to-failed-wiper-attack-on-polands-energy-systems/
-
Poland’s energy grid was targeted by never-before-seen wiper malware
Destructive payload unleashed on 10-year anniversary of Russia’s attack on Ukraine’s grid. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/01/wiper-malware-targeted-poland-energy-grid-but-failed-to-knock-out-electricity/
-
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last week of December 2025. The attack was unsuccessful, the country’s energy minister, Milosz Motyka, said last week. “The command of the cyberspace forces has diagnosed in the last days…
-
Researchers say Russian government hackers were behind attempted Poland power outage
Security researchers have attributed the attempted use of destructive “wiper” malware across Poland’s energy infrastructure in late December to a Russian-backed hacking group known for causing power outages in neighboring Ukraine. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/23/researchers-say-russian-government-hackers-were-behind-attempted-poland-power-outage/
-
Ransomware Hackers Leak Under Armour Customer Data
Russia-Linked Ransomware Group Dumps Customer Data After Failed Extortion Attempt. Under Armour may trade on the blood, sweat, respect slogan, but a Russia-linked ransomware group hasn’t been abiding, after they stole data pertaining to 72.7 million of the athleisure giant’s customers, then leaked it on darkweb sites after saying the retailer refused to pay a…
-
Germany expels Russian diplomat accused of spying on Ukraine war effort
“Russia’s aggressive actions have consequences,” Foreign Minister Johann Wadephul said after Germany announced a Russian diplomat had been expelled on suspicions of espionage. First seen on therecord.media Jump to article: therecord.media/germany-expels-russian-diplomat-accused-spying-ukraine-war
-
Leader of ransomware crew pleads guilty to four-year crime spree
Ianis Antropenko, a Russian national living in California, admitted to committing ransomware attacks against at least 50 victims. He faces up to 25 years in jail. First seen on cyberscoop.com Jump to article: cyberscoop.com/ianis-antropenko-russian-ransomware-leader-guilty/
-
Black Basta’s alleged ringleader identified as authorities raid homes of other members
Oleg Evgenievich Nefedov, a 35-year-old Russian national, is accused of forming and running the ransomware outfit since 2022. He’s now on Europol and Interpol’s most-wanted lists. First seen on cyberscoop.com Jump to article: cyberscoop.com/black-basta-leader-europol-most-wanted-list/
-
Pro-Russian denial-of-service attacks target UK, NCSC warns
The UK’s National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/pro-russian-denial-of-service-attacks-target-uk-ncsc-warns
-
Pro-Russian hacktivist campaigns continue against UK organizations
The UK’s National Cyber Security Centre reports ongoing cyber operations by Russian-aligned hacktivist groups targeting organizations in the UK and abroad. NoName057(16) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/russian-hacktivist-groups-target-uk-organizations/

