Security news aggregator

Latest coverage for Russia

Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional developments connected to Russia.

459 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Russia covers cybersecurity and information-security developments connected to Russia, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.

For practitioners, the tag provides geographic context for developments involving Russia's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 459 Filtered view

The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S

The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called "darkworm." The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.

The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025

Loading more headlines...