Nation-State Cyber Threats
US Justice Department Charges Russian National in Void Blizzard Case
Another indictment in a Russia-aligned case — but unlike most, this defendant is already in US custody after an extradition from Thailand.
Nation-State Cyber Threats
WinRAR Flaw Exploited by Russia-Aligned Groups Against Ukrainian Organizations
Consumer compression software remains a reliable initial-access vector in the Russia-Ukraine cyber theater.
Nation-State Cyber Threats
Gamaredon Hides a Fileless GammaWorm Inside NTFS Alternate Data Streams to Spy on Ukraine
Sekoia documented an FSB-linked Gamaredon campaign whose GammaWorm hides fileless VBScript modules inside NTFS Alternate Data Streams to spy on Ukrainian government, military, and critical-infrastructure targets while leaving almost no trace on disk.
Nation-State Cyber Threats
Russian Intelligence Is Running Cyber Spies and Fake Companies Against the Same Western Tech
Three senior European intelligence officials told The Associated Press that Russian services are building fake companies, recruiting middlemen, and deploying cyber spies to take Western technology — and treating the cyber and human lines as one operation.
Nation-State Cyber Threats
GreyVibe Used ChatGPT, Gemini and Ideogram AI Across a Likely-Russian Ukraine Campaign
WithSecure has tied a likely-Russian threat cluster named GreyVibe to a Ukraine-focused campaign that uses ChatGPT, Gemini and Ideogram AI as productivity tooling across lures, malware and post-compromise operations.
Trending
NoName057(16): How Russia Gamified DDoS Attacks on Europe with Crypto Rewards
An investigation reveals how NoName057(16) turned DDoS attacks into a cryptocurrency-rewarded 'patriotic game' — with activity increasing after Europol's Operation Eastwood crackdown rather than diminishing.
Security Research
Dutch Intelligence: Russia Weaponizing AI for Cyberattacks on Europe
MIVD annual assessment warns Moscow is using artificial intelligence to target critical infrastructure across the continent as part of a broader "great power" pressure campaign. THE HAGUE, NL — The Dutch Military Intelligence and Security Service (MIVD) has issued a strategic warning regarding the escalation of Russian cyber operations,
Threat Actors
RAMP Leak Exposes Russia's Ransomware Pipeline: 7.7K Users, 340K IPs, US Gov Targets
Leaked database reveals a structured cybercrime market connecting access brokers to 14 RaaS affiliates targeting US government and finance sectors in 40% of listings. MOSCOW / WASHINGTON, D.C. — A massive leak of the RAMP (Ransomware Access and Market Place) database has pulled back the curtain on Russia’s most structured
National Security
Stockholm Attributes 2025 Power Plant Attack to Pro-Russian Cyber Syndicate
Swedish authorities have declassified details of a thwarted "destructive" cyberattack against a thermal power plant, warning of a dramatic escalation in hybrid warfare targeting European energy grids. STOCKHOLM — The Swedish government has formally attributed a sophisticated 2025 cyberattack against a domestic thermal power plant to a pro-Russian
Cyber Attacks
UK and Allies Disrupt Global DNS Hijacking Campaign Linked to Russia’s APT28
An international coalition of security agencies, led by the UK’s National Cyber Security Centre (NCSC) and the FBI, has disrupted a major cyber-espionage operation targeting thousands of home and small-office routers. The campaign, attributed to the Russian military intelligence unit known as APT28 (also documented as Fancy