Tag: russia
-
CERT-UA reports PLUGGYAPE cyberattacks on defense forces
CERT-UA reported PLUGGYAPE malware attacks on Ukraine’s defense forces, linked with medium confidence to Russia’s Void Blizzard group. The Computer Emergency Response Team of Ukraine (CERT-UA) reported new cyberattacks against Ukraine’s defense forces using PLUGGYAPE malware. Government experts attributed the attack with medium confidence to the Russian-linked group Void Blizzard (aka Laundry Bear, UAC-0190), active…
-
Poland says it repelled major cyberattack on power grid, blames Russia
Poland narrowly avoided a large-scale power outage by thwarting what officials described as the most serious cyberattack on its energy infrastructure in years. First seen on therecord.media Jump to article: therecord.media/poland-cyberattack-grid-russia
-
Hacker Claims Full Breach of Russia’s Max Messenger, Threatens Public Leak
A hacker claims a full breach of Russia’s Max Messenger, threatening to leak user data and backend systems if demands are not met. First seen on hackread.com Jump to article: hackread.com/hacker-russia-max-messenger-breach-data-leak/
-
PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025. The activity has been attributed with medium confidence to a Russian hacking group tracked as Void Blizzard (aka Laundry Bear or UAC-0190). The threat actor is believed…
-
Senior military cyber operator removed from Russia task force
The officer was “relieved for cause” due to disagreements over operations by the organization’s chief. First seen on therecord.media Jump to article: therecord.media/senior-military-cyber-op-removed-russia-task-force
-
Russia’s Crackdown on Probiv Data Leaks May Have Fed the Beast Instead
Explore how Russia’s efforts to control the probiv market highlight the challenges of data leaks, insider threats, and the conflict between control and security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/russias-crackdown-on-probiv-data-leaks-may-have-fed-the-beast-instead/
-
Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds
New research from Recorded Future reveals how Russian state hackers (BlueDelta) are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims. First seen on hackread.com Jump to article: hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/
-
Botnet Threat Update July to December 2025
Botnet Command & Controller (C&C) activity increased 24% this period, with Remote Access Trojans (RATs) accounting for 42% of the Top 20 malware associated with botnets. Learn which Russia-based registrar saw a +9,608% surge in botnet C&C domains, and which major cloud providers are taking action. Read the full report. First seen on securityboulevard.com Jump…
-
Sweden detains ex-military IT consultant suspected of spying for Russia
A 33-year-old former IT consultant for Sweden’s Armed Forces has been detained on suspicions of spying for Russian intelligence, Swedish prosecutors said. First seen on therecord.media Jump to article: therecord.media/sweden-detains-it-consultant-russia
-
Illicit Crypto Economy Surges Amid Increased Nation-State Activity
Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/illicit-crypto-economy-surges-nation-states
-
Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign
Rust offers evasion advantages: CloudSEK researchers said RustyWater was developed in Rust, which they said is increasingly used by malware authors for its memory safety features and cross-platform capabilities, according to the blog post. Other state-sponsored groups, including Russia’s Gossamer Bear and China-linked actors, have also deployed Rust-based malware in recent campaigns, according to security…
-
Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations
Russia-linked cyberespionage group APT28 targets energy, nuclear, and policy staff in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks. Between February and September 2025, Recorded Future’s Insikt Group observed Russia-linked group APT28 (aka UAC-0001, Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) running credential-harvesting campaigns. Targets included Turkish energy and nuclear agency staff, European think tank personnel, and organizations…
-
Basketball player arrested for alleged ransomware ties freed in Russia-France prisoner swap
Daniil Kasatkin, 26, was seen in a video shared by Russian state news outlet TASS emerging from a plane that was then used to send French researcher Laurent Vinatier back to France. First seen on therecord.media Jump to article: therecord.media/france-frees-russian-basketball-player-ransomware-swap
-
Illicit Crypto Economy Surges as Nation-States Join in the Fray
Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/illicit-crypto-economy-surges-nation-states
-
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia and Uzbekistan. The activity has been attributed to APT28 (aka BlueDelta), which was attributed to…
-
Russia’s Fancy Bear APT Doubles Down on Global Secrets Theft
The notorious Russian state-sponsored group relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
Notorious Russian APT Nabs Credentials From Global Targets
Fancy Bear relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector
The post BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/bluedelta-espionage-russian-hackers-abuse-free-apps-to-target-energy-sector/
-
Cyber Retaliation Risks Rise After US-Venezuela Operation
CISA Warns of Retaliatory Cyber Action From Hostile State Actors After Venezuela. Federal cybersecurity officials are warning of a likely uptick in retaliatory cyber activity from China and Russia-linked threat actors after the U.S. military raid in Venezuela, urging infrastructure operators to brace for disruptive probing and attacks. First seen on govinfosecurity.com Jump to article:…
-
BlueDelta Hackers Target Microsoft OWA, Google, and Sophos VPN to Steal Credentials
A sophisticated credential-harvesting operation conducted by BlueDelta, a Russian state-sponsored threat group linked to the GRU’s Main Directorate, targeted critical infrastructure organizations and research institutions throughout 2025, according to a comprehensive investigation by Recorded Future’s Insikt Group. The campaign, spanning February through September 2025, represents a significant evolution in the group’s persistent credential-theft operations, with…
-
DDoSia Powers Affiliate-Driven Hacktivist Attacks
Pro-Russian group NoName057(16) uses a custom denial-of-service tool to mobilize volunteers and disrupt government, media, and institutional sites tied to Ukraine and the West. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ddosia-powers-volunteer-driven-hacktivist-attacks
-
Fake Booking.com emails and BSODs used to infect hospitality staff
Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death”
-
Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025
Tags: apt, data, espionage, government, intelligence, malicious, military, monitoring, russia, spy, threat, ukraine
Russia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is targeting Ukrainian military and government entities, using Viber messages to deliver malicious ZIP files as part of ongoing intelligence-gathering operations in 2025. “Recent monitoring data from the 360 Advanced…
-
Russian hackers target European hospitality industry with ‘blue screen of death’ malware
The scheme starts with a fake reservation cancellation that impersonates a popular booking site, and eventually prompts victims with an error message and “Blue Screen of Death” page. First seen on therecord.media Jump to article: therecord.media/russian-hackers-europe-hospitality-blue-screen

