Email Security Russian Hackers Bypass Gmail MFA With App-Specific Password Ruse Russian hackers posed as US State Department staff and convinced targets to generate and give up Google app-specific passwords. Ryan Naraine4 days ago
Vulnerabilities Chrome 137 Update Patches High-Severity Vulnerabilities Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components. Ionut Arghire4 days ago
Malware & Threats Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure A Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine. Ionut ArghireJune 6, 2025
Data Breaches Russian Government Hackers Caught Buying Passwords from Cybercriminals Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks. Ryan NaraineMay 27, 2025
Nation-State Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack The agencies said that the group, which they called Laundry Bear, is actively trying to steal sensitive data from EU and NATO countries and... Associated PressMay 27, 2025
Cybercrime Russian Qakbot Gang Leader Indicted in US Russian national Rustam Gallyamov was indicted in the US for his leading role in the development and distribution of Qakbot malware. Ionut ArghireMay 23, 2025
Malware & Threats CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine. Ryan NaraineMay 21, 2025
Email Security Russian APT Exploiting Mail Servers Against Government, Defense Organizations Russia-linked APT28 has been exploiting mail server vulnerabilities against government and defense entities since September 2023. Ionut ArghireMay 16, 2025
Malware & Threats Russia-Linked APT Star Blizzard Uses ClickFix to Deploy New LostKeys Malware, Google Warns Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware. Ionut ArghireMay 8, 2025
Nation-State France Blames Russia for Cyberattacks on Dozen Entities France says the Russian state-sponsored group APT28 is responsible for targeting or compromising a dozen French entities. Ionut ArghireApril 30, 2025
Data Breaches Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack Microsoft security chief Charlie Bell says the SFI's 28 objectives are “near completion” and that 11 others have made “significant progress.” Ryan NaraineApril 21, 2025
Cyberwarfare CISA: No Change on Defending Against Russian Cyber Threats The CISA public clarification follows news the Trump administration is temporarily pausing offensive cyber operations against Moscow. Ryan NaraineMarch 3, 2025
Nation-State Russian State Hackers Target Organizations With Device Code Phishing Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. Ionut ArghireFebruary 17, 2025
Nation-State Russian Seashell Blizzard Hackers Have Access to Critical Infrastructure: Microsoft A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence. Ionut ArghireFebruary 12, 2025
Data Breaches HPE Says Personal Information Stolen in 2023 Russian Hack HPE is notifying an unknown number of individuals that Russian hackers accessed their personal information in a December 2023 attack. Ionut ArghireFebruary 10, 2025
Malware & Threats Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. Ionut ArghireFebruary 5, 2025
Government European Union Sanctions Russian Nationals for Hacking Estonia The European Union has added three Russian nationals to its sanctions list for their involvement in cyberattacks against Estonia. Ionut ArghireJanuary 28, 2025
Malware & Threats Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups Microsoft researchers catches Russia's Star Blizzard hackers spear-phishing with QR codes and WhatsApp group chats. Ryan NaraineJanuary 16, 2025
Cybercrime US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers. Eduard KovacsJanuary 13, 2025
Government US Imposes Sanctions on Russian and Iranian Groups Over Disinformation Targeting American Voters The United States has imposed sanctions on two groups linked to Iranian and Russian efforts to target American voters with disinformation ahead of this... Associated PressJanuary 3, 2025