Tag: ukraine

Breach Roundup: Italy Thwarts Russian Olympic Hacks

Feb 6, 2026 12:16 AM

Tags: attack, breach, cyberattack, exploit, flaw, ivanti, microsoft, russia, supply-chain, ukraine

Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…
Ukraine tightens controls on Starlink terminals to counter Russian drones

Feb 4, 2026 6:14 PM

Tags: attack, control, Internet, military, russia, technology, ukraine

Ukraine has rolled out a verification system for Starlink satellite internet terminals used by civilians and the military after confirming that Russian forces have begun installing the technology on attack drones. First seen on therecord.media Jump to article: therecord.media/ukraine-tightens-starlink-controls-counter-russian-drones
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks

Feb 3, 2026 8:13 PM

Tags: attack, control, email, exploit, flaw, group, malware, microsoft, office, russia, ukraine

A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in Ukraine, Slovakia, and Romania. First seen on hackread.com Jump to article: hackread.com/op-neusploit-russia-apt28-microsoft-office-malware/
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU

Feb 3, 2026 6:14 PM

Tags: attack, computer, cve, exploit, flaw, hacker, microsoft, office, russia, ukraine

Ukraine’s computer emergency response team, CERT-UA, said attackers began abusing the flaw, tracked as CVE-2026-21509, shortly after Microsoft disclosed it in early January. First seen on therecord.media Jump to article: therecord.media/russian-state-hackers-exploit-new-microsoft-flaw
APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware

Feb 3, 2026 11:13 AM

Tags: attack, cyber, exploit, group, malware, microsoft, office, russia, threat, ukraine, vulnerability, zero-day

The Russia-linked advanced persistent threat group APT28 has been observed actively exploiting a zero-day vulnerability in Microsoft Office to deliver malware through a sophisticated multi-stage attack campaign. Security researchers from Zscaler ThreatLabz identified this new operation, dubbed Operation Neusploit, targeting users across Central and Eastern Europe with weaponized RTF documents. The campaign specifically targeted Ukraine,…
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

Feb 3, 2026 11:13 AM

Tags: attack, cve, espionage, exploit, flaw, group, hacking, malware, microsoft, office, russia, threat, ukraine

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit.Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania,…
APT28 Leverages CVE-2026-21509 in Operation Neusploit

Feb 3, 2026 8:13 AM

Tags: access, api, attack, backdoor, cloud, communications, control, cve, data, detection, email, encryption, endpoint, exploit, github, group, infection, malicious, malware, microsoft, office, open-source, phishing, russia, service, startup, threat, tool, ukraine, update, vulnerability, windows

IntroductionIn January 2026, Zscaler ThreatLabz identified a new campaign in-the-wild, tracked as Operation Neusploit, targeting countries in the Central and Eastern European region. In this campaign, the threat actor leveraged specially crafted Microsoft RTF files to exploit CVE-2026-21509 and deliver malicious backdoors in a multi-stage infection chain. Due to significant overlaps in tools, techniques, and procedures (TTPs)…
Russian hackers exploit recently patched Microsoft Office bug in attacks

Feb 2, 2026 11:14 PM

Tags: attack, computer, cve, exploit, hacker, microsoft, office, russia, ukraine, vulnerability

Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-exploit-recently-patched-microsoft-office-bug-in-attacks/
DynoWiper Malware Targets Energy Firms in Destructive Data-Wiping Attacks

Feb 2, 2026 11:14 PM

Tags: attack, cyber, data, malware, tactics, ukraine

A new data-wiping malware dubbed DynoWiper, deployed against an energy company in Poland in late December 2025. The malware’s tactics, techniques, and procedures closely mirror those observed in earlier ZOV wiper incidents in Ukraine, prompting ESET to attribute DynoWiper to Sandworm with medium confidence. Unlike ZOV, which carries a high-confidence Sandworm attribution, the lower confidence…
Russia-linked APT28 attackers already abusing new Microsoft Office zero-day

Feb 2, 2026 8:14 PM

Tags: exploit, microsoft, office, russia, ukraine, zero-day

Ukraine’s CERT says the bug went from disclosure to active exploitation in days First seen on theregister.com Jump to article: www.theregister.com/2026/02/02/russialinked_apt28_microsoft_office_bug/
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

Feb 2, 2026 2:13 PM

Tags: attack, cyber, exploit, flaw, group, hacking, microsoft, office, russia, ukraine, vulnerability

Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-exploits-office-flaw/
Latvia says Russia remains its top cyber threat as attacks hit record high

Jan 29, 2026 4:26 PM

Tags: attack, country, cyber, russia, service, threat, ukraine

In its annual report released this week, Latvia’s national security service, SAB, said 2025 marked an all-time high in registered cyber threats targeting the country, with activity surging significantly past levels seen before Russia’s invasion of Ukraine in 2022. First seen on therecord.media Jump to article: therecord.media/latvia-says-russia-remains-top-cyber-threat-record-attacks
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

Jan 26, 2026 11:21 AM

Tags: ai, backdoor, blockchain, hacker, india, intelligence, korea, malware, north-korea, phishing, powershell, russia, threat, tool, ukraine

The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector.The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary’s expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check…
Poland’s energy grid was targeted by never-before-seen wiper malware

Jan 24, 2026 9:30 PM

Tags: attack, malware, russia, ukraine

Destructive payload unleashed on 10-year anniversary of Russia’s attack on Ukraine’s grid. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/01/wiper-malware-targeted-poland-energy-grid-but-failed-to-knock-out-electricity/
Germany expels Russian diplomat accused of spying on Ukraine war effort

Jan 23, 2026 2:30 PM

Tags: germany, russia, ukraine

“Russia’s aggressive actions have consequences,” Foreign Minister Johann Wadephul said after Germany announced a Russian diplomat had been expelled on suspicions of espionage. First seen on therecord.media Jump to article: therecord.media/germany-expels-russian-diplomat-accused-spying-ukraine-war
Ransomware ‘Most Wanted’: Cops Seek Head of Black Basta

Jan 19, 2026 10:13 PM

Tags: cybercrime, group, international, ransom, ransomware, russia, ukraine

Crackdown Targets Multiple Members of Cybercrime Group, Including ‘Hash Crackers’. Police raided two suspected members of the notorious Black Basta ransomware group – tied to over 600 victims worldwide and many millions in ransom payments – in Ukraine and issued an international arrest warrant for the Russian national suspected of being the operation’s founder and…
Law enforcement tracks ransomware group blamed for massive financial losses

Jan 19, 2026 1:13 PM

Tags: finance, germany, group, law, ransomware, russia, ukraine

Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine. Search … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/19/international-ransomware-group-investigation-ukraine/
Suspects Linked to Black Basta Ransomware Group Raided in Ukraine

Jan 19, 2026 1:13 PM

Tags: group, interpol, ransomware, ukraine

Oleg Evgenievich Nefedov, allegedly one of the founders of Black Basta, was also placed on Europol’s and Interpol’s Most Wanted lists First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/suspects-black-basta-ransomware/
Fahndung nach Kopf von Black Basta

Jan 19, 2026 12:13 PM

Tags: cyberattack, extortion, germany, ransomware, ukraine

Das BKA und die ZIT fahnden nach dem mutmaßlichen Anführer der Ransomware-Gruppe Black Basta. Die Erpresserbande ist für zahlreiche Angriffe in Deutschland verantwortlich. Die Behörden gehen gegen Akteure der Ransomware-Gruppierung Black Basta vor. Dabei wurden Wohnräume in der Ukraine durchsucht und Beweismittel gesichert. Gegen den mutmaßlichen Kopf der Gruppierung wird mit Haftbefehl gefahndet, wie das Bundeskriminalamt…
EU and INTERPOL Hunt Black Basta Ransomware Kingpin, Suspects Identified in Ukraine

Jan 19, 2026 9:13 AM

Tags: group, international, interpol, law, ransomware, russia, service, ukraine

European and international law enforcement agencies have intensified their pursuit of individuals connected to the Black Basta ransomware operation. Authorities confirmed that the alleged leader of the Russia-linked ransomware-as-a-service (RaaS) group has been placed on both the European Union’s Most Wanted list and INTERPOL’s Red Notice, while Ukrainian and German investigators have identified two additional…
UkraineGermany operation targets Black Basta, Russian leader wanted

Jan 17, 2026 9:14 PM

Tags: germany, group, international, law, office, ransomware, russia, ukraine

Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainian suspects. Law enforcement also issued an international wanted notice for the group’s alleged Russian ringleader. >>The Office of…
Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice

Jan 17, 2026 8:13 PM

Tags: group, interpol, law, ransomware, russia, service, ukraine

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta.In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (ÐÐµÑ„ÐµÐ´Ð¾Ð² ÐžÐ»ÐµÐ³ Ð•Ð²Ð³ÐµÐ½ÑŒÐµÐ²Ð¸Ñ‡), has been added to the European Union’s Most Wanted and INTERPOL’s Red Notice lists, authorities First seen on…
Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice

Jan 17, 2026 7:14 PM

Tags: group, interpol, law, ransomware, russia, service, ukraine

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta.In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (ÐÐµÑ„ÐµÐ´Ð¾Ð² ÐžÐ»ÐµÐ³ Ð•Ð²Ð³ÐµÐ½ÑŒÐµÐ²Ð¸Ñ‡), has been added to the European Union’s Most Wanted and INTERPOL’s Red Notice lists, authorities First seen on…
CERT-UA reports PLUGGYAPE cyberattacks on defense forces

Jan 14, 2026 10:12 PM

Tags: attack, blizzard, computer, cyberattack, defense, government, group, malware, russia, ukraine

CERT-UA reported PLUGGYAPE malware attacks on Ukraine’s defense forces, linked with medium confidence to Russia’s Void Blizzard group. The Computer Emergency Response Team of Ukraine (CERT-UA) reported new cyberattacks against Ukraine’s defense forces using PLUGGYAPE malware. Government experts attributed the attack with medium confidence to the Russian-linked group Void Blizzard (aka Laundry Bear, UAC-0190), active…
Ukraine appoints digital chief as defense minister to drive military reform

Jan 14, 2026 7:11 PM

Tags: country, defense, military, service, ukraine

Ukraine’s parliament appointed Mykhailo Fedorov, the digital transformation minister who modernized public services and helped develop drone programs for the war effort, as the country’s new defense chief. First seen on therecord.media Jump to article: therecord.media/ukraine-digital-chief-transformation
PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

Jan 14, 2026 7:11 PM

Tags: attack, blizzard, computer, cyber, defense, group, hacking, malware, russia, threat, ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025.The activity has been attributed with medium confidence to a Russian hacking group tracked as Void Blizzard (aka Laundry Bear or UAC-0190). The threat actor is believed…
Ukraine’s army targeted in new charity-themed malware campaign

Jan 14, 2026 1:01 AM

Tags: backdoor, defense, malware, ukraine

Officials of Ukraine’s Defense Forces were targeted in a charity-themed campaign between October and December 2025 that delivered backdoor malware called PluggyApe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukraines-army-targeted-in-new-charity-themed-malware-campaign/
Ukraine parliament approves resignation of security service chief in major reshuffle

Jan 13, 2026 10:02 PM

Tags: service, ukraine

Vasyl Maliuk, chief of the Security Service of Ukraine (SBU), said he would step down from the post but remain in the agency to continue operations against Russia. First seen on therecord.media Jump to article: therecord.media/ukraine-parliament-approves-resignation-sbu-chief
Kremlin-linked hackers pose as charities to spy on Ukraine’s military

Jan 13, 2026 5:02 PM

Tags: hacker, military, password, spy, ukraine

Victims were prompted to download what appeared to be documents but were, in fact, executable files, often packaged in password-protected archives. First seen on therecord.media Jump to article: therecord.media/kremlin-linked-hackers-pose-as-charities-spy-ukraine
Britain goes shopping for a rapid-fire missile to help Ukraine hit back

Jan 13, 2026 12:01 PM

Tags: ukraine

Project Nightfall aims to deliver a UK-built long-range strike capability at speed First seen on theregister.com Jump to article: www.theregister.com/2026/01/13/mod_project_nightfall/