Tag: russia
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained
Spain’s Guardia Civil dismantled the cybercrime group “GXC Team” and arrested its 25-year-old Brazilian leader. Spanish Guardia Civil dismantled the “GXC Team” cybercrime group, arresting its 25-year-old Brazilian leader “GoogleXcoder.” The gang sold AI-powered phishing kits, Android malware, and voice-scam tools via Telegram and Russian forums, becoming a major supplier of credential theft tools in…
-
Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
The spyware poses as popular apps like TikTok, and may break free of Russian borders at some point, the researchers say. First seen on cyberscoop.com Jump to article: cyberscoop.com/russian-spyware-clayrat-is-spreading-evolving-quickly-according-to-zimperium/
-
Pro-Russia hacktivist group dies of cringe after falling into researchers’ trap
Forescout’s phony water plant fooled TwoNet into claiming a fake cyber victory then it quietly shut up shop First seen on theregister.com Jump to article: www.theregister.com/2025/10/10/russia_hacktivists_honeytrap/
-
Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors
Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…
-
Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors
Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…
-
Pro-Russian hackers caught bragging about attack on fake water utility
Cybersecurity company Forescout said a hacking group known as TwoNet fell for a honeypot that looked like the network for a Dutch water utility. First seen on therecord.media Jump to article: therecord.media/fake-water-utility-honeypot-hacked-pro-russian-group
-
Pro-Russian hackers caught bragging about attack on fake water utility
Cybersecurity company Forescout said a hacking group known as TwoNet fell for a honeypot that looked like the network for a Dutch water utility. First seen on therecord.media Jump to article: therecord.media/fake-water-utility-honeypot-hacked-pro-russian-group
-
ClayRat Android Malware Masquerades as WhatsApp Google Photos
ClayRat, a rapidly evolving Android spyware campaign, has surged in activity over the past three months, with zLabs researchers observing more than 600 unique samples and 50 distinct droppers. Primarily targeting Russian users, the malware masquerades as popular applications such as WhatsApp, Google Photos, TikTok, and YouTube, luring victims into installing malicious APKs via deceptive…
-
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot
Forescout said that the TwoNet actor was lured into attacking a honeypot disguised as a water treatment utility, providing insights into the group’s tactics First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-hacktivistsattack-water/
-
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…
-
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…
-
Clop Attacks Against Oracle E-Business Suite Trace to July
Signs Point to Multiple Exploit Chains, One Including a Zero-Day, Being Employed. Data-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun by August and involved multiple attack chains, of which one targeted a zero-day vulnerability, report Google threat researchers. First seen on…
-
Pro-Russian hacking group snared by Forescout Vedere Labs honeypot
Forescout Vedere Labs published a report exposing how a pro-Russian hacktivist group was duped into thinking they had hacked a European water facility, unaware their target was in fact a carefully crafted honeypot. This “hack” provided Forescout researchers the rare opportunity to see first-hand how these groups look for and exploit weaknesses in critical infrastructure. The…
-
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them.”Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with…
-
ClayRat Spyware Campaign Targets Android Users in Russia
A new ClayRat spyware campaign has been observed targeting Russian users via fake apps on Telegram and exfiltrating data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clayrat-spyware-targets-android/
-
Hacktivists target critical infrastructure, hit decoy plant
A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacktivists-target-critical-infrastructure-hit-decoy-plant/
-
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine
Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country’s State Service for Special Communications and Information Protection (SSSCIP) said.”Hackers now employ it not only to generate phishing messages, but some of the malware samples we have analyzed…
-
Arrests Underscore Fears of Teen Cyberespionage Recruitment
Telegram Used to Lure Teen Recon Recruits. The late September arrest of two teenagers in the Netherlands on suspicion of capturing Wi-Fi signals for pro-Russian hackers has sparked warnings from security analysts over a digital drive for low-skill reconnaissance tasks by nation-state spymasters. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/arrests-underscore-fears-teen-cyberespionage-recruitment-a-29681
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
Russian hackers turn to AI as old tactics fail, Ukrainian CERT says
Russian hackers are now using AI not only to write phishing messages but also to generate malicious code itself. First seen on therecord.media Jump to article: therecord.media/russian-hackers-turn-to-ai-ukraine-cert
-
Open-source monitor turns into an off-the-shelf attack beacon
Tags: api, apt, attack, china, control, hacker, malware, monitoring, open-source, powershell, ransomware, rat, RedTeam, russia, software, threat, tool, windowsRiding Nezha to Ghost RAT: With the web shell in place, the attackers used AntSword to download two components: “live.exe” (the Nezha agent) and a “config.yml” that pointed to the attacker-controlled domain. The Nezha agent connected back to a management server whose dashboard was running in Russian, presumably to throw off attribution.Once Nezha was active,…
-
Russia is at ‘hybrid war’ with Europe, warns EU chief, calling for members ‘to take it very seriously’
Tags: russiaEuropean Commission President Ursula Von der Leyen urged the EU to “urgently equip itself with a strategic capacity to respond” to Russian hybrid warfare. First seen on therecord.media Jump to article: therecord.media/russia-hybrid-war-europe-von-der-leyen-speech
-
OpenAI Finds Growing Exploitation of AI Tools by Foreign Threat Groups
OpenAI’s new report warns hackers are combining multiple AI tools for cyberattacks, scams, and influence ops linked to China, Russia, and North Korea. First seen on hackread.com Jump to article: hackread.com/openai-ai-tools-exploitation-threat-groups/
-
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
Tags: access, ai, chatgpt, china, credentials, cyberattack, hacker, intelligence, malware, north-korea, openai, russia, threat, toolOpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development.This includes a Russian”‘language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator…
-
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
Tags: access, ai, chatgpt, china, credentials, cyberattack, hacker, intelligence, malware, north-korea, openai, russia, threat, toolOpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development.This includes a Russian”‘language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator…

