Skip to main content
RuntimeRebel
← All Articles

Tag

#Ukraine

11 articles

Advertisement

Gamaredon Exploits WinRAR CVE-2025-8088 to Target Ukraine
CRITICAL
Threat Intel

Gamaredon Exploits WinRAR CVE-2025-8088 to Target Ukraine

Russian threat actor Gamaredon weaponizes a WinRAR path traversal flaw to deploy GammaWorm and GammaSteel malware against Ukrainian entities.

Runtime Rebel Intel
3 min read·Jun 2, 2026
GREYVIBE: Russian Actor's AI-Powered Cyberattacks Target Ukraine
CRITICAL
Threat Intel

GREYVIBE: Russian Actor's AI-Powered Cyberattacks Target Ukraine

Analysis of GREYVIBE, a newly discovered Russian-linked threat actor utilizing AI-powered techniques to target Ukrainian entities since August 2025.

Runtime Rebel Intel
4 min read·May 29, 2026
TH
HIGH
Threat Intel

GreyVibe Actor Leverages AI Lures to Target Ukrainian Entities

Russian threat cluster GreyVibe uses ChatGPT and Gemini to automate highly targeted phishing lures and deploy custom malware against Ukrainian targets.

Runtime Rebel Intel
4 min read·May 29, 2026
Ghostwriter Targets Ukraine Government with Prometheus Phishing
CRITICAL
Threat Intel

Ghostwriter Targets Ukraine Government with Prometheus Phishing

Belarus-aligned Ghostwriter (UAC-0057) targets Ukrainian government entities with Prometheus-themed phishing emails to deploy sophisticated malware. Learn detection and

Runtime Rebel Intel
4 min read·May 22, 2026
FrostyNeighbor APT Targets Poland/Ukraine Gov with Spear-Phishing
CRITICAL
Threat Intel

FrostyNeighbor APT Targets Poland/Ukraine Gov with Spear-Phishing

Belarussian APT 'FrostyNeighbor' is deploying spear-phishing campaigns against Polish and Ukrainian government entities after unique victim fingerprinting, aiming for

Runtime Rebel Intel
4 min read·May 14, 2026
Ghostwriter Targets Ukraine with Geofenced PDF Phishing & Cobalt Strike
HIGH
Threat Intel

Ghostwriter Targets Ukraine with Geofenced PDF Phishing & Cobalt Strike

Ghostwriter (UAC-0057) leverages geofenced PDF phishing to deliver Cobalt Strike against Ukrainian government entities, combining espionage and influence.

Runtime Rebel Intel
3 min read·May 14, 2026
UAC-0247 Targets Ukrainian Healthcare via Data-Theft Malware
HIGH
Threat Intel

UAC-0247 Targets Ukrainian Healthcare via Data-Theft Malware

UAC-0247 is targeting Ukrainian clinics and government entities using malware designed to steal data from WhatsApp and Chromium-based browsers.

Runtime Rebel Intel
3 min read·Apr 16, 2026
MA
CRITICAL
Malware

AgingFly Malware: Credential Theft Operations Against Ukraine

Analysis of AgingFly malware, a new threat observed actively targeting Ukrainian government and hospital entities to steal credentials from Chromium browsers and

Runtime Rebel Intel
5 min read·Apr 16, 2026
APT28 Targets Ukraine and NATO Allies with New PRISMEX Malware
CRITICAL
Threat Intel

APT28 Targets Ukraine and NATO Allies with New PRISMEX Malware

APT28 (Forest Blizzard) deploys the undocumented PRISMEX malware suite against Ukraine and NATO, utilizing COM hijacking and cloud-based C2 infrastructure.

Runtime Rebel Intel
4 min read·Apr 8, 2026
TH
HIGH
Threat Intel

APT28 Targets Ukraine via CVE-2024-45519 Zimbra Exploit

Russian APT28 hackers exploit CVE-2024-45519 in Zimbra Collaboration Suite to target Ukrainian government entities via malicious email-based command injection.

Runtime Rebel Intel
3 min read·Mar 19, 2026
DarkSword iPhone Exploit Kit: Zero-Day Attacks on iOS Users
CRITICAL
Threat Intel

DarkSword iPhone Exploit Kit: Zero-Day Attacks on iOS Users

DarkSword, an advanced iPhone exploit kit, leverages multiple zero-day vulnerabilities to target users in Saudi Arabia, Turkey, Malaysia, and Ukraine for espionage and

Runtime Rebel Intel
4 min read·Mar 19, 2026