Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel
The Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to deliver an updated version of a known malware called GammaSteel
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. [...]
This RomCom is no laughing matter A change in the deployment of the RomCom malware strain has illustrated the blurring distinction between cyberattacks motivated by money and those fueled by geopolitics, in this case Russia's illegal invasion of Ukraine, according to Trend Micro analysts.…
If this is Kyiv's work, Russia can Crimea river A cyber espionage campaign targeting organizations in Russian-occupied regions of Ukraine is using novel malware to steal data, according to Russia-based infosec software vendor Kaspersky.…
A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyber attacks targeting Ukraine
The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine
Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer
Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group
Russian state-sponsored actors are continuing to strike Ukrainian entities with information-stealing malware as part of what's suspected to be an espionage operation
Cyber-espionage gang using multiple variants of its custom backdoor to ensure persistence, Symantec warns A Russian-linked threat group that has almost exclusively targeted Ukraine since it first appeared on the scene in 2014 is deploying multiple variants of its malware payload on systems within the country.…
Government agencies impersonated, fake antivirus, another wiper, backdoors As Ukraine fights for survival against invading Russian forces, here's a taste of some of the malware the nation's Computer Emergency Response Team (CERT) is battling.…
CaddyWiper looks like nothing else, says ESET
Ukraine's Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware. [...]
Two weeks after details emerged about a second data wiper strain delivered in attacks against Ukraine, yet another destructive malware has been detected amid Russia's continuing military invasion of the country
While Apple halts all sales in Russia, Visa and Mastercard block banks The disk-wiping malware that tore through at least hundreds of Ukrainian Windows systems at the start of Russia's occupation wasn't alone. Slovakian infosec firm ESET has found a second similar strain in Ukraine.…
While Apple halts all sales in Russia, Visa and Mastercard block banks The disk-wiping malware that tore through at least hundreds of Ukrainian Windows systems at the start of Russia's occupation wasn't alone. Slovakian infosec firm ESET has found a second similar strain in Ukraine.…
A new data wiper malware has been observed deployed against an unnamed Ukrainian government network, a day after destructive cyber attacks struck multiple entities in the country preceding the start of Russia's military invasion