Latest news
Cybercrime
Ukrainian Intelligence Report: Russian APT Groups Intensify Cyber Operations — 5,927 Incidents, 37% Rise in 2025
23 May 2026 dark6
A new intelligence report from Ukraine's National Security and Defense Council reveals Russian state-sponsored threat groups dramatically escalated cyber operations...
Vulnerability
CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw
13 May 2026 dark6
CISA has added CVE-2026-32202, a zero-click Windows Shell authentication coercion flaw, to its KEV catalog following confirmed active exploitation by...
Vulnerability
APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass
29 April 2026 dark6
Russian state-sponsored APT28 is actively exploiting CVE-2026-32202, a zero-click Windows Shell vulnerability that bypasses Defender SmartScreen and silently exfiltrates Net-NTLMv2...
Malware
APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign
18 April 2026 dark6
Russia's APT28 (Fancy Bear) has launched a new campaign deploying the previously undocumented PRISMEX malware framework, which uses steganography, COM...
Malware
Russia’s APT28 Deploys New PRISMEX Malware in Espionage Campaign Targeting Ukraine and NATO Allies
12 April 2026 dark6
Russia-linked APT28 (Fancy Bear) has launched a new spear-phishing espionage campaign deploying PRISMEX, a previously undocumented malware suite combining steganography,...
Cybercrime
APT28’s FrostArmada: How Russian Hackers Built an 18,000-Router Army to Steal Microsoft 365 Credentials
9 April 2026 dark6
Russia’s APT28 compromised over 18,000 routers across 120 countries to silently hijack DNS and steal Microsoft 365 credentials from government...