Russian-linked APT28 hackers exploited a fresh Microsoft Office zero-day in a sophisticated campaign targeting Eastern European governments. Using crafted documents and advanced malware like MiniDoor and PixyNetLoader, the attackers stole sensitive emails and established covert access, even after Microsoft’s emergency patch.
Just days after Microsoft patched a critical Office vulnerability, Russian APT28 hackers unleashed targeted attacks on Ukrainian and EU institutions using advanced malware and legitimate cloud services for stealthy control.
Russia’s APT28 has launched a new wave of phishing attacks targeting energy and defense sectors worldwide, leveraging free hosting and tunneling services to steal credentials from high-value organizations.
Russian state hackers known as APT28 orchestrated a 2025 credential-stealing campaign targeting energy and policy organizations across Eurasia. Using fake login pages and real policy documents, they exploited disposable internet services to exfiltrate sensitive data, exposing critical vulnerabilities in the energy sector.
The French Ministry of the Interior suffered a major cyberattack on its email servers, granting hackers access to confidential files and sparking concerns over espionage and national cyber defense.
APT28, Russia’s notorious Fancy Bear hacking group, is targeting Ukrainian UKR.net users with a sophisticated phishing campaign. Using fake login pages, anonymized tunneling, and relentless tactics, the group continues its cyber-espionage operations amid the ongoing war.
A dramatic cyberattack on France’s Ministry of the Interior mail servers has exposed confidential files and set off a national investigation into the perpetrators—be they foreign spies, cybercriminals, or hacktivists.