Vulnerabilities Incomplete Windows Patch Opens Door to Zero-Click Attacks The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries. Ionut ArghireApril 27, 2026
Malware & Threats US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking The APT28 threat group exploited vulnerable TP-Link and MikroTik routers to conduct adversary-in-the-middle (AitM) attacks. Eduard KovacsApril 8, 2026
Malware & Threats Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler. Eduard KovacsFebruary 3, 2026
Malware & Threats Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities APT28 was seen impersonating popular webmail and VPN services, including Microsoft OWA, Google, and Sophos VPN portals. Ionut ArghireJanuary 12, 2026
Malware & Threats Russian APT Hits Ukrainian Government With New Malware via Signal Russia-linked APT28 deployed new malware against Ukrainian government targets through malicious documents sent via Signal chats. Ionut ArghireJune 25, 2025
Malware & Threats CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine. Ryan NaraineMay 21, 2025
Email Security Russian APT Exploiting Mail Servers Against Government, Defense Organizations Russia-linked APT28 has been exploiting mail server vulnerabilities against government and defense entities since September 2023. Ionut ArghireMay 16, 2025
Nation-State France Blames Russia for Cyberattacks on Dozen Entities France says the Russian state-sponsored group APT28 is responsible for targeting or compromising a dozen French entities. Ionut ArghireApril 30, 2025
Mobile & Wireless Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack Russian cyberspy group APT28 conducted a Nearest Neighbor Attack, where it hacked into the building across the street from the victim for a Wi-Fi... Eduard KovacsNovember 25, 2024
Nation-State Russian Cyberespionage Group Hit 60 Victims in Asia, Europe Russia-linked TAG-110 has targeted over 60 government, human rights, and educational entities in Asia and Europe. Ionut ArghireNovember 22, 2024
Cyberwarfare NATO Draws a Cyber Red Line in Tensions With Russia Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine. Kevin TownsendMay 13, 2024
Malware & Threats Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations. Ionut ArghireApril 23, 2024
Malware & Threats US Government Urges Cleanup of Routers Infected by Russia’s APT28 The US government says Russia’s APT28 group compromised Ubiquiti EdgeRouters to run cyberespionage operations worldwide. Ionut ArghireFebruary 28, 2024
Malware & Threats FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies The US government says it has neutralized a network of hundreds of Ubiquiti Edge OS routers under the control of the Russia's APT28 hackers. Ryan NaraineFebruary 15, 2024
Cyberwarfare Russian APT Used Zero-Click Outlook Exploit Russian threat actor APT28 has been exploiting a no-interaction Outlook vulnerability in attacks against 14 countries. Ionut ArghireDecember 8, 2023