Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.
Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.
Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.
In the past, Putin's Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.
Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine's military operations in myriad ways.
The targeted operation utilized CVE-2017-8570 as the initial vector and employed a notable custom loader for Cobalt Strike, yet attribution to any known threat actor remains elusive.
The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell.
It's unclear if the attacks — which hit oil and gas, postal service, transport safety, and railway organizations in the nation — were related.
The group appears to be targeting victims based on their proximity and involvement to and within pro-Ukraine organizations.
The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.
Victims include at least 15 healthcare organizations, one Fortune 500 company, and other organizations in multiple countries, security vendor says.
An analysis of the RomCom APT shows the group is expanding its efforts beyond the Ukrainian military into the UK and other English-speaking countries.
Ukraine military intelligence says Russia is planning cyberattacks on the country's energy sector, as well as against allies including Poland and the Baltic states.
Six Russian state-backed threat actors have lunched 237 cyberattacks on Ukraine's infrastructure, new research from MIcrosoft shows.
The war in Ukraine appears to have triggered a change in mission for the APT known as Bronze President (aka Mustang Panda).
The Russian government is ratcheting up malicious cyberattacks against critical infrastructure in countries supporting Ukraine.
Ukraine military personnel being targeted with mass phishing emails, country's CERT warns.