APT28
Also known as: Fancy Bear, Forest Blizzard, Sofacy, Sednit, Pawn Storm, STRONTIUM
Russian GRU Unit 26165. Active since 2004. Targets NATO governments and military.
Associated Intelligence
Russian Hackers Target Crypto Wallets
A Russian-speaking hacker has been linked to a series of attacks on cryptocurrency wallets,
Signal Introduces Security Warnings
Signal has introduced new in-app security warnings to protect users from phishing and social engineering attacks, which have been targeting the platform's "linked devices" feature. The attacks, linked to Russian intelligence, have been identified by Dutch and German security authorities. Users should be cautious when receiving messages from unknown or unverified contacts.
AI-Linked Zero-Day Exploit Found
Google researchers have discovered a zero-day exploit likely built with AI, targeting a popular open-source web-based system administration tool. The exploit allows attackers to bypass two-factor authentication with valid user credentials. Users of the affected tool should update their software to prevent
Russia's Secret Hacker School
A secret school within Bauman Moscow State Technical University allegedly trains students to join state-sponsored hacking groups. This raises concerns about the potential for increased cyber threats from Russia. Affected organizations should be vigilant and review their security measures.
Signal Phishing Targets German Officials
A suspected Russian phishing campaign is targeting German officials via Signal, aiming to access sensitive political communications. The campaign exploits trust in the messaging app to deceive victims into divulging account credentials. German authorities are investigating the large-scale operation.
Germany Probes Signal Phishing
German federal prosecutors are investigating alleged cyberattacks targeting top officials' Signal accounts. The suspected perpetrator is Russia, and the attacks are believed to have been occurring since mid-February 2026.
Sweden Heating Plant Cyberattack
A pro-Russian group attempted a cyberattack on a Swedish heating plant in 2025, highlighting growing threats to Europe's energy infrastructure. The attack was unsuccessful, but it underscores the need for increased vigilance in protecting critical infrastructure. Organizations responsible for energy infrastructure should review their security measures to prevent similar attacks.
Fancy Bear APT Strikes Globally
The Fancy Bear APT group, attributed to Russia, continues to conduct widespread cyber attacks
Russia's APT28 Exploits SOHO Routers
Russia's APT28 group has been using a novel approach to spy on global organizations by modifying a single DNS setting in vulnerable SOHO routers. This tactic allows them to intercept login credentials without deploying malware. Organizations with vulnerable routers should take immediate action to secure their networks.
Russia Hijacks Vulnerable Routers
The UK's National Cyber Security Centre (NCSC) has warned that Russian military intelligence group APT28 is exploiting vulnerable edge devices, including routers, to support malicious cyber operations. This affects organizations and individuals with unpatched or poorly secured devices. Users should take immediate action to secure their devices and networks.
APT28 Exploits Routers
Russian cyber actor APT28 has been exploiting vulnerable routers to enable DNS hijacking operations, allowing for adversary-in