Advertisement
Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit
Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

CVE-2023-38831: Russian APTs Target Ukraine via WinRAR Flaw
Russian threat actors are exploiting the CVE-2023-38831 WinRAR vulnerability to target Ukrainian government and military entities for data theft.

CVE-2025-8088: Russia-Aligned Groups Exploit WinRAR Flaw in Ukraine
Russia-linked actors Earth Dahu and UAC-0226 exploit the CVE-2025-8088 WinRAR path traversal flaw to deploy info-stealers against Ukrainian organizations.

Gamaredon Exploits WinRAR CVE-2025-8088 to Target Ukraine
Russian threat actor Gamaredon weaponizes a WinRAR path traversal flaw to deploy GammaWorm and GammaSteel malware against Ukrainian entities.
2025 Zero-Day Exploitation Review: Enterprise & OS Targets Dominate
GTIG's 2025 zero-day review reveals 90 in-the-wild exploits, with a record 48% targeting enterprise tech and a surge in OS vulnerabilities. Includes actor TTPs.