Advertisement
TH
CRITICAL
Threat Intel
Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit
Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.
Runtime Rebel Intel
13 min read·Jun 26, 2026

CRITICAL
Threat Intel
Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations
Google identifies STOCKSTAY, a new .NET backdoor by Russian actor Turla targeting Ukrainian military and Italian foreign policy interests via Windows systems.
Runtime Rebel Intel
3 min read·Jun 26, 2026