All CosmicBytez Labs articles tagged #Russia, across news, security advisories, how-to guides, and projects.
Western intelligence officials warn that Moscow's espionage apparatus is deploying cyber spies, hackers, and recruited middlemen to steal dual-use...
Dutch law enforcement seized 800 servers and arrested two operators of THE.Hosting but left the provider's core IP address space intact — and the...
UK signals-intel chief warns AI is reshaping threats as an unstoppable force while Russia escalates hostile gray-zone activity below open conflict.
European law enforcement has taken down First VPN, a privacy service that had been openly advertised on Russian-language cybercrime forums as a tool for...
International law enforcement has dismantled 'First VPN,' a criminal VPN service marketed on Russian-speaking cybercrime forums and used to facilitate...
Russia's Turla APT has transformed its long-running Kazuar backdoor into a modular peer-to-peer botnet architecture engineered for stealth and deep...
Secret Blizzard, a Russian state-sponsored threat group, has evolved its long-running Kazuar backdoor into a sophisticated modular peer-to-peer botnet...
A Belarusian nation-state threat group dubbed FrostyNeighbor is conducting a precise espionage campaign against government organizations in Poland and...
A Microsoft Windows vulnerability originally patched in a prior Patch Tuesday was incompletely remediated, leaving a residual attack surface that...
Pro-Ukrainian hacktivist group PhantomCore has been attributed to a sustained campaign targeting TrueConf video conferencing servers across Russia since...
Ukraine's CERT-UA has confirmed a suspected APT28 espionage campaign targeting Ukrainian prosecutors and anti-corruption agencies, exploiting Roundcube...
Cybercriminals are stealing millions from Russian companies by compromising accountants' computers and disguising fraudulent transfers as routine salary...
Russia's APT28 (Forest Blizzard) is conducting a malwareless espionage campaign by modifying a single DNS setting in vulnerable SOHO routers to silently...
Russian state-sponsored threat actor APT28 (Forest Blizzard / Pawn Storm) has launched a targeted spear-phishing campaign deploying a newly documented...
Microsoft has raised the alarm over Medusa ransomware's unprecedented operational speed, with the group now exploiting zero-day vulnerabilities before...
Germany's Federal Police have publicly named two Russian nationals as the leaders of the GandCrab and REvil ransomware operations, linking them to at...
Microsoft warns that Medusa ransomware operators are exploiting zero-day vulnerabilities approximately one week before public disclosure, enabling the...
German authorities have publicly identified the elusive "UNKN," the operator behind the GandCrab and REvil ransomware groups, as 31-year-old Russian...
Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, recently deploying a custom...
Proofpoint has attributed a targeted email campaign to Russian state-sponsored threat actor TA446, which is leveraging the recently disclosed DarkSword...
The pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian businesses in the past year and is escalating operations...
Russian authorities have detained a suspected administrator of LeakBase, a major stolen-data marketplace with over 147,000 subscribers, just weeks after...
Russian law enforcement has arrested the alleged administrator of LeakBase — a credential marketplace operating since 2021 with 142,000 members and...
Ilya Angelov, co-leader of the TA551/Mario Kart cybercrime group, was sentenced to two years in prison for operating a phishing botnet that sent 700,000...
Aleksei Volkov, a Russian initial access broker who sold unauthorized access to U.S. companies for the Yanluowang ransomware group, has been sentenced to...
FBI and CISA alert warns Russian state actors have compromised thousands of messaging accounts belonging to US government officials, military personnel,...
Evgenii Ptitsyn, 43, a Russian national who administered the Phobos ransomware-as-a-service operation, pleaded guilty to wire fraud conspiracy in the U.S....
Amazon's threat intelligence team has documented how a Russian-speaking, financially motivated actor used multiple commercial generative AI tools to...
A Russian-linked phishing operation dubbed Diesel Vortex has stolen over 1,649 credentials from major freight and logistics companies across the US and...
Russia-linked APT28 targeted government, diplomatic, and defense-adjacent entities across Western and Central Europe from September 2025 to January 2026...
The U.S. Treasury sanctioned Russian zero-day exploit broker Operation Zero, its founder Sergey Zelenyuk, and affiliated entities after an FBI...
NoName057(16) and allied hacktivist groups are conducting DDoS attacks against Milan-Cortina 2026 Olympic infrastructure, Italian government sites, and...
Russia-linked APT28 (Fancy Bear) weaponized Microsoft Office CVE-2026-21509 within days of disclosure, deploying espionage implants against Ukrainian...
A Russian state-sponsored APT group dubbed ChainReaver-L compromised trusted file-sharing mirrors and 50 long-established GitHub accounts to distribute...
Google reports that APT groups from China, Russia, Iran, and North Korea are all actively using Gemini AI for cyber operations including target...
Google Threat Intelligence Group attributes a previously undocumented JavaScript malware called CANFAIL to a Russian-linked threat actor targeting...
Peter Williams, former GM of L3Harris's cyber subsidiary Trenchant, admits to selling eight zero-day exploit kits to a Russian broker for $1.3M in...
Critical path traversal vulnerability in WinRAR enables ransomware and credential theft as Russian and Chinese threat actors weaponize phishing campaigns...