Tag: russia

APT28 Targets Ukrainian Forces While Nation-State Threats Persist Globally

Russian APT28 has been conducting extensive surveillance of Ukrainian military personnel since April 2024 using custom malware. Meanwhile, Finnish intelligence reports persistent cyber espionage from Russia and China targeting government and technology sectors.

Mar 11, 2026Security Affairs, The Record

apt28ukrainerussia

🇷🇺APT28

🇺🇸Google

highNation-State & APT

Tycoon 2FA Platform Disrupted, Russian Messaging App Attacks, AI Security Bypasses

International law enforcement disrupted the Tycoon 2FA phishing-as-a-service platform that targeted over 500,000 organizations monthly. Meanwhile, Dutch intelligence warns of Russian-linked actors targeting encrypted messaging apps used by government officials worldwide.

Mar 10, 2026Security Affairs, Palo Alto Unit 42

phishinglaw-enforcementrussia

🇺🇸Meta Platforms

mediumNation-State & APT

Russian APT Deploys New Ukraine-Targeting Malware as Law Enforcement Disrupts Global Cybercrime Operations

Russian threat actors launched a new espionage campaign against Ukraine using two undocumented malware strains. Meanwhile, international law enforcement scored major wins with takedowns of the Leakbase cybercrime forum and indictments against 62 individuals tied to the Prince Group scam operation.

Mar 5, 2026Security Affairs, The Record

russiaukraineapt

highVulnerabilities & Exploits

APT28 Macro Campaign, AI Model Theft, and Central Asian Telecom Attacks

APT28 launched Operation MacroMaze against European targets using webhook-based macro malware, while UnsolicitedBooker deployed dual backdoors against Central Asian telecoms. Meanwhile, Anthropic exposed Chinese AI companies conducting industrial-scale model theft through 16 million fraudulent queries.

Feb 24, 2026The Hacker News, SANS ISC

apt28russiabackdoor

🇷🇺APT28

highNation-State & APT

Nation-State Roundup: Russian AI-Powered Campaigns and Hybrid Warfare Operations

Russian threat actors deploy AI for mass FortiGate compromise, coordinate cyber-kinetic operations in Ukraine, and leverage ransomware for geopolitical objectives in Romania.

Feb 23, 2026Security Affairs, The Record

russiafortigateai-powered-attacks

🇺🇸Amazon

criticalNation-State & APT

Russian Hacker Leverages AI to Breach 600+ Fortinet Firewalls Across 55 Countries

Amazon reports Russian-speaking threat actor used AI services to compromise over 600 FortiGate firewalls in 55 countries within five weeks, marking escalation in AI-assisted cyberattacks.

Feb 22, 2026BleepingComputer

fortinetai-assisted-attacksrussia

🇺🇸Amazon

criticalNation-State & APT

Nation-State Roundup: CISA KEV Updates, North Korean IT Infiltration, and Russian Hybrid Warfare Escalation

CISA adds exploited RoundCube flaws to KEV, Ukrainian sentenced for North Korean IT worker scheme, PayPal breach exposes data for six months, and Dutch intelligence warns of escalating Russian hybrid...

Feb 21, 2026Security Affairs, The Record

cisa-kevroundcubenorth-korea