Skip to main content
RuntimeRebel
← All Articles

Tag

#Forest Blizzard

3 articles

Advertisement

APT28 Forest Blizzard DNS Manipulation Targets SOHO Routers
CRITICAL
Threat Intel

APT28 Forest Blizzard DNS Manipulation Targets SOHO Routers

Russian APT28, or Forest Blizzard, is conducting malwareless cyber espionage by manipulating DNS settings on vulnerable SOHO routers to steal credentials from global

Runtime Rebel Intel
5 min read·Apr 9, 2026
APT28 Targets Ukraine and NATO Allies with New PRISMEX Malware
CRITICAL
Threat Intel

APT28 Targets Ukraine and NATO Allies with New PRISMEX Malware

APT28 (Forest Blizzard) deploys the undocumented PRISMEX malware suite against Ukraine and NATO, utilizing COM hijacking and cloud-based C2 infrastructure.

Runtime Rebel Intel
4 min read·Apr 8, 2026
APT28 Exploits MikroTik & TP-Link Routers in DNS Hijacking
CRITICAL
Threat Intel

APT28 Exploits MikroTik & TP-Link Routers in DNS Hijacking

Russian state-linked APT28 (Forest Blizzard) is compromising insecure SOHO routers globally, employing DNS hijacking for cyber espionage since May 2025.

Runtime Rebel Intel
4 min read·Apr 7, 2026