Skip to main content
← All Articles

Tag

#Ukraine

18 articles

Advertisement

Russian Intelligence Steals Messaging Credentials via SMS Lures
CRITICAL
Threat Intel

Russian Intelligence Steals Messaging Credentials via SMS Lures

Ukraine and the FBI expose a long-running Russian intelligence campaign using fake support messages to compromise officials' messaging accounts.

Runtime Rebel Intel
4 min read·Jun 27, 2026
TH
CRITICAL
Threat Intel

Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit

Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

Runtime Rebel Intel
13 min read·Jun 26, 2026
Russian APT Gamaredon Upgrades UAC-0010 Malware Arsenal
HIGH
Threat Intel

Russian APT Gamaredon Upgrades UAC-0010 Malware Arsenal

Analysis of Russian APT Gamaredon's (UAC-0010) upgraded arsenal, featuring stealthier Pterodo malware loading and volatile C2 infrastructure rotation.

Runtime Rebel Intel
3 min read·Jun 26, 2026
TH
CRITICAL
Threat Intel

Turla APT Deploys StockStay Backdoor in Ukraine Espionage Campaign

Russian APT Turla targets Ukrainian government and military entities with the custom StockStay backdoor for persistent access and cyber espionage.

Runtime Rebel Intel
3 min read·Jun 26, 2026
Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations
CRITICAL
Threat Intel

Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations

Google identifies STOCKSTAY, a new .NET backdoor by Russian actor Turla targeting Ukrainian military and Italian foreign policy interests via Windows systems.

Runtime Rebel Intel
3 min read·Jun 26, 2026
CVE-2023-38831: Russian APTs Target Ukraine via WinRAR Flaw
HIGH
Threat Intel

CVE-2023-38831: Russian APTs Target Ukraine via WinRAR Flaw

Russian threat actors are exploiting the CVE-2023-38831 WinRAR vulnerability to target Ukrainian government and military entities for data theft.

Runtime Rebel Intel
3 min read·Jun 9, 2026
CVE-2025-8088: Russia-Aligned Groups Exploit WinRAR Flaw in Ukraine
HIGH
Threat Intel

CVE-2025-8088: Russia-Aligned Groups Exploit WinRAR Flaw in Ukraine

Russia-linked actors Earth Dahu and UAC-0226 exploit the CVE-2025-8088 WinRAR path traversal flaw to deploy info-stealers against Ukrainian organizations.

Runtime Rebel Intel
3 min read·Jun 9, 2026
Gamaredon Exploits WinRAR CVE-2025-8088 to Target Ukraine
CRITICAL
Threat Intel

Gamaredon Exploits WinRAR CVE-2025-8088 to Target Ukraine

Russian threat actor Gamaredon weaponizes a WinRAR path traversal flaw to deploy GammaWorm and GammaSteel malware against Ukrainian entities.

Runtime Rebel Intel
3 min read·Jun 2, 2026
GREYVIBE: Russian Actor's AI-Powered Cyberattacks Target Ukraine
CRITICAL
Threat Intel

GREYVIBE: Russian Actor's AI-Powered Cyberattacks Target Ukraine

Analysis of GREYVIBE, a newly discovered Russian-linked threat actor utilizing AI-powered techniques to target Ukrainian entities since August 2025.

Runtime Rebel Intel
4 min read·May 29, 2026
TH
HIGH
Threat Intel

GreyVibe Actor Leverages AI Lures to Target Ukrainian Entities

Russian threat cluster GreyVibe uses ChatGPT and Gemini to automate highly targeted phishing lures and deploy custom malware against Ukrainian targets.

Runtime Rebel Intel
4 min read·May 29, 2026
Ghostwriter Targets Ukraine Government with Prometheus Phishing
CRITICAL
Threat Intel

Ghostwriter Targets Ukraine Government with Prometheus Phishing

Belarus-aligned Ghostwriter (UAC-0057) targets Ukrainian government entities with Prometheus-themed phishing emails to deploy sophisticated malware. Learn detection and

Runtime Rebel Intel
4 min read·May 22, 2026
FrostyNeighbor APT Targets Poland/Ukraine Gov with Spear-Phishing
CRITICAL
Threat Intel

FrostyNeighbor APT Targets Poland/Ukraine Gov with Spear-Phishing

Belarussian APT 'FrostyNeighbor' is deploying spear-phishing campaigns against Polish and Ukrainian government entities after unique victim fingerprinting, aiming for

Runtime Rebel Intel
4 min read·May 14, 2026