APT28 Exploits Incomplete Windows Patch: Zero-Click Attacks Persist
An incomplete Windows patch leaves systems vulnerable to zero-click attacks. Russia-linked APT28 exploited this against Ukraine and EU. Learn how to defend.

APT28 Analysis: Mitigation Strategies Against Fancy Bear Campaigns
A technical analysis of APT28's global operations, highlighting the necessity of Zero Trust and rapid patching to counter Fancy Bear threat activity.

APT28 Forest Blizzard DNS Manipulation Targets SOHO Routers
Russian APT28, or Forest Blizzard, is conducting malwareless cyber espionage by manipulating DNS settings on vulnerable SOHO routers to steal credentials from global

APT28 Targets Ukraine and NATO Allies with New PRISMEX Malware
APT28 (Forest Blizzard) deploys the undocumented PRISMEX malware suite against Ukraine and NATO, utilizing COM hijacking and cloud-based C2 infrastructure.

APT28 Exploits MikroTik & TP-Link Routers in DNS Hijacking
Russian state-linked APT28 (Forest Blizzard) is compromising insecure SOHO routers globally, employing DNS hijacking for cyber espionage since May 2025.

APT28 FrostArmada DNS Hijack Campaign Steals Microsoft 365 Logins
Authorities disrupt APT28's FrostArmada campaign, which used DNS hijacking of MikroTik and TP-Link routers to steal Microsoft 365 account credentials.

Star Blizzard (APT28) Adopts DarkSword iOS Exploit Kit
Russian APT Star Blizzard (APT28) now uses the DarkSword iOS exploit kit to target government, finance, and academia, increasing mobile threat exposure.

APT28 Targets Ukraine via CVE-2024-45519 Zimbra Exploit
Russian APT28 hackers exploit CVE-2024-45519 in Zimbra Collaboration Suite to target Ukrainian government entities via malicious email-based command injection.

Sednit/APT28 Resurfaces: Advanced Toolkit Threat Analysis
Russian-affiliated APT Sednit (APT28) has returned with sophisticated new malware, shifting from simple implants. Understand their updated TTPs and mitigation strategies.

AI-Enhanced Cyberattacks: Microsoft Details LLM Abuse by APT Groups
Microsoft reveals how nation-state actors like APT28 and Crimson Sandstorm are using AI to automate reconnaissance and refine social engineering lures.

Russian Coruna iOS Exploit Kit Targets Global Users — Analysis
Security researchers uncover the Coruna iOS exploit kit, a nation-state tool now used in broader campaigns to deliver spyware to mobile devices.

APT28 Exploits CVE-2026-21513: MSHTML 0-Day Intelligence
Akamai reports Russia-linked APT28 exploited CVE-2026-21513 in the MSHTML Framework as a zero-day before Microsoft's February 2026 security patch updates.