Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
57 articles

#Russia

All CosmicBytez Labs articles tagged #Russia, across news, security advisories, how-to guides, and projects.

  • NewsJul 15, 2026

    Google Gemini CLI Jailbroken and Used as a Hacking Agent to Run a Malware Botnet

    Trend Micro researchers discovered a Russian-speaking threat actor named 'bandcampro' who jailbroke Google's open-source Gemini CLI to operate an 8-machine botnet inside a dental clinic, including autonomously migrating C2 infrastructure in just 6 minutes.

  • NewsJul 15, 2026

    US Charges Three Russians for Operating Bulletproof Hosting Behind $62M Ransomware Campaign

    Federal prosecutors unsealed a 2024 indictment against three Russian nationals who ran Medialand LLC and ML.Cloud LLC — bulletproof hosting services used by LockBit, BlackSuit, and Play ransomware gangs to victimize 44 organizations across 21 US states.

  • NewsJul 13, 2026

    Hackers Hijack Russian Journalist Sobchak's Telegram Channels via Email Breach, Claim 350 GB Stolen

    Hacker group Black Mirror compromised Ksenia Sobchak's email account and used it to seize two of her Telegram channels with 1.5 million combined subscribers, then published alleged private correspondence with Kremlin officials and claimed to have 350 GB of data for sale.

  • NewsJul 13, 2026

    UK Charges Five Suspects Linked to Russian Coms Call Spoofing Platform

    The UK National Crime Agency has charged five suspects following an investigation into Russian Coms, a major criminal caller ID spoofing platform responsible for over 1.8 million scam calls targeting victims across the UK and globally, enabling fraudsters to impersonate banks, government agencies, and trusted organizations.

  • NewsJul 4, 2026

    Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

    Kaspersky has identified a previously undocumented APT group — Armored Likho (aka Eagle Werewolf) — deploying an AI-assisted Python infostealer called...

  • NewsJun 29, 2026

    Gamaredon Expands Ukraine Attacks with New Malware and Cloud Abuse

    Russian FSB-linked APT group Gamaredon has mounted 35 distinct spear-phishing campaigns against Ukrainian targets in 2025, deploying an expanded malware...

  • NewsJun 29, 2026

    Iran, Russia, and China Target Water Systems for Sabotage

    Nation-state attackers from Iran, Russia, and China are breaching water utility systems through weak passwords, exposed PLCs, and poor network...

  • NewsJun 29, 2026

    U.S. Offers $10 Million for Russian Hackers Targeting WhatsApp and Signal Users

    The U.S. Department of State is offering up to $10 million through its Rewards for Justice program for information identifying members of UNC5792 and...

  • NewsJun 28, 2026

    FBI: Russian Hackers Now Target Signal Backup Recovery Keys

    The FBI and CISA warn that a Russian-linked phishing campaign targeting Signal users has evolved to steal Backup Recovery Keys, giving attackers full...

  • NewsJun 28, 2026

    Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

    Ukraine's SSU and the FBI have exposed a sustained Russian intelligence campaign using fake support SMS messages to steal Signal, WhatsApp, and Telegram...

  • NewsJun 27, 2026

    Ukraine and FBI Expose Russian Intelligence Campaign Stealing Signal Credentials via Fake SMS

    The SSU and FBI jointly disclosed a sustained Russian intelligence operation targeting messaging credentials of government officials, military personnel,...

  • NewsJun 26, 2026

    Russia Used Social Engineering to Breach Prominent Messaging Accounts, Ukraine Says

    Ukraine's SBU and the FBI have jointly exposed a long-running Russian intelligence operation using fake tech-support workers to steal messaging app...

  • NewsJun 26, 2026

    Russian APT Deploys 'StockStay' Backdoor Against Ukrainian Targets

    Turla, a prolific Russian state-sponsored threat actor, has deployed a previously undocumented backdoor dubbed 'StockStay' in espionage operations...

  • NewsJun 25, 2026

    Russian APT Gamaredon Upgrades Its Arsenal, Requiring New Defenses

    ESET research reveals FSB-sponsored Gamaredon has significantly upgraded its C2 infrastructure obfuscation and malware delivery capabilities, running 35...

  • NewsJun 24, 2026

    FortiBleed: 5-Stage Attack Chain Behind 110 Million Credential Heist on FortiGate Firewalls

    Deep analysis of the FortiBleed operation reveals a sophisticated five-stage credential harvesting pipeline — custom Golang sniffers, Telegram-based...

  • NewsJun 23, 2026

    FortiBleed: Russian IAB Harvested 110 Million Credentials from 430,000 FortiGate Firewalls

    A financially motivated Russian-speaking initial access broker behind the FortiBleed campaign has been systematically harvesting credentials from over...

  • NewsJun 23, 2026

    Russian Initial Access Broker Behind FortiBleed Campaign

    A Russian-speaking initial access broker has compromised 86,644 verified credentials from over 430,000 internet-facing Fortinet FortiGate devices across...

  • NewsJun 18, 2026

    Police Cleans Nearly 15,000 SocGholish-Infected Sites Tied to Evil Corp

    International law enforcement cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish...

  • NewsJun 16, 2026

    Cyberattack on Russian Tech Firm Astral Disrupts Business and Government Services for a Week

    A sustained cyberattack against Russian enterprise software provider Astral has disrupted business and government services across Russia for over a week,...

  • NewsMay 30, 2026

    Russian Spies Aggressively Targeting Western Technology as Sanctions Bite

    Western intelligence officials warn that Moscow's espionage apparatus is deploying cyber spies, hackers, and recruited middlemen to steal dual-use...

  • NewsMay 28, 2026

    Dutch Raid Fails to Dent Russian Bulletproof Host THE.Hosting

    Dutch law enforcement seized 800 servers and arrested two operators of THE.Hosting but left the provider's core IP address space intact — and the...

  • NewsMay 28, 2026

    UK Cyberspying Chief Calls AI 'an Unstoppable Force' and Warns About Russia

    UK signals-intel chief warns AI is reshaping threats as an unstoppable force while Russia escalates hostile gray-zone activity below open conflict.

  • NewsMay 21, 2026

    Europe Dismantles VPN Service Used by Cybercriminals to Hide Ransomware Attacks

    European law enforcement has taken down First VPN, a privacy service that had been openly advertised on Russian-language cybercrime forums as a tool for...

  • NewsMay 21, 2026

    Police Seize 'First VPN' Service Used in Ransomware and Data Theft Attacks

    International law enforcement has dismantled 'First VPN,' a criminal VPN service marketed on Russian-speaking cybercrime forums and used to facilitate...

  • NewsMay 17, 2026

    Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

    Russia's Turla APT has transformed its long-running Kazuar backdoor into a modular peer-to-peer botnet architecture engineered for stealth and deep...

  • NewsMay 16, 2026

    Russian Hackers Turn Kazuar Backdoor into Modular P2P Botnet

    Secret Blizzard, a Russian state-sponsored threat group, has evolved its long-running Kazuar backdoor into a sophisticated modular peer-to-peer botnet...

  • NewsMay 14, 2026

    ''FrostyNeighbor'' APT Carefully Targets Govt Orgs in Poland, Ukraine

    A Belarusian nation-state threat group dubbed FrostyNeighbor is conducting a precise espionage campaign against government organizations in Poland and...

  • NewsApr 27, 2026

    Incomplete Windows Patch Opens Door to Zero-Click Attacks

    A Microsoft Windows vulnerability originally patched in a prior Patch Tuesday was incompletely remediated, leaving a residual attack surface that...

  • NewsApr 27, 2026

    PhantomCore Exploits TrueConf Vulnerabilities to Breach

    Pro-Ukrainian hacktivist group PhantomCore has been attributed to a sustained campaign targeting TrueConf video conferencing servers across Russia since...

  • NewsApr 17, 2026

    Ukraine Confirms APT28 Campaign Targeting Prosecutors and Anti-Corruption Agencies

    Ukraine's CERT-UA has confirmed a suspected APT28 espionage campaign targeting Ukrainian prosecutors and anti-corruption agencies, exploiting Roundcube...

  • NewsApr 9, 2026

    Cybercriminals Target Accountants to Drain Russian Firms'

    Cybercriminals are stealing millions from Russian companies by compromising accountants' computers and disguising fraudulent transfers as routine salary...

  • NewsApr 9, 2026

    Russia's Forest Blizzard Harvests Logins via SOHO Router

    Russia's APT28 (Forest Blizzard) is conducting a malwareless espionage campaign by modifying a single DNS setting in vulnerable SOHO routers to silently...

  • NewsApr 8, 2026

    APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine

    Russian state-sponsored threat actor APT28 (Forest Blizzard / Pawn Storm) has launched a targeted spear-phishing campaign deploying a newly documented...

  • NewsApr 7, 2026

    Medusa Ransomware Exploits Zero-Days to Deploy Ransomware

    Microsoft has raised the alarm over Medusa ransomware's unprecedented operational speed, with the group now exploiting zero-day vulnerabilities before...

  • NewsApr 6, 2026

    German Authorities Identify REvil and GandCrab Ransomware

    Germany's Federal Police have publicly named two Russian nationals as the leaders of the GandCrab and REvil ransomware operations, linking them to at...

  • NewsApr 6, 2026

    Medusa Ransomware Group Exploits Zero-Days to Strike Within

    Microsoft warns that Medusa ransomware operators are exploiting zero-day vulnerabilities approximately one week before public disclosure, enabling the...

  • NewsApr 5, 2026

    Germany Doxes "UNKN," Head of RU Ransomware Gangs REvil

    German authorities have publicly identified the elusive "UNKN," the operator behind the GandCrab and REvil ransomware groups, as 31-year-old Russian...

  • NewsMar 28, 2026

    Bearlyfy Hits Russian Firms with Custom GenieLocker

    Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, recently deploying a custom...

  • NewsMar 28, 2026

    TA446 Deploys DarkSword iOS Exploit Kit in Targeted

    Proofpoint has attributed a targeted email campaign to Russian state-sponsored threat actor TA446, which is leveraging the recently disclosed DarkSword...

  • NewsMar 26, 2026

    Pro-Ukraine Hacker Group Bearlyfy Targets Russian Companies

    The pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian businesses in the past year and is escalating operations...

  • NewsMar 26, 2026

    Russia Detains Alleged Admin of LeakBase Cybercrime Forum

    Russian authorities have detained a suspected administrator of LeakBase, a major stolen-data marketplace with over 147,000 subscribers, just weeks after...

  • NewsMar 25, 2026

    LeakBase Admin Arrested in Russia Over Massive Stolen

    Russian law enforcement has arrested the alleged administrator of LeakBase — a credential marketplace operating since 2021 with 142,000 members and...

  • NewsMar 25, 2026

    Manager of Botnet Used in Ransomware Attacks Gets 2 Years

    Ilya Angelov, co-leader of the TA551/Mario Kart cybercrime group, was sentenced to two years in prison for operating a phishing botnet that sent 700,000...

  • NewsMar 24, 2026

    Russian Hacker Who Helped Yanluowang Ransomware Gang Gets

    Aleksei Volkov, a Russian initial access broker who sold unauthorized access to U.S. companies for the Yanluowang ransomware group, has been sentenced to...

  • NewsMar 22, 2026

    FBI Warns Russian Intelligence Targeting Signal and WhatsApp in Mass Phishing Campaign

    FBI and CISA alert warns Russian state actors have compromised thousands of messaging accounts belonging to US government officials, military personnel,...

  • NewsMar 5, 2026

    Phobos Ransomware Admin Pleads Guilty — 1,000+ Victims

    Evgenii Ptitsyn, 43, a Russian national who administered the Phobos ransomware-as-a-service operation, pleaded guilty to wire fraud conspiracy in the U.S....

  • NewsFeb 25, 2026

    AI-Armed Amateur Hacker Compromises 600+ FortiGate

    Amazon's threat intelligence team has documented how a Russian-speaking, financially motivated actor used multiple commercial generative AI tools to...

  • NewsFeb 25, 2026

    Diesel Vortex: Russian Cybercrime Ring Steals 1,649

    A Russian-linked phishing operation dubbed Diesel Vortex has stolen over 1,649 credentials from major freight and logistics companies across the US and...

  • NewsFeb 24, 2026

    APT28 Operation MacroMaze: Russia-Linked Hackers Hit

    Russia-linked APT28 targeted government, diplomatic, and defense-adjacent entities across Western and Central Europe from September 2025 to January 2026...

  • NewsFeb 24, 2026

    U.S. Treasury Sanctions Russian Zero-Day Broker Operation

    The U.S. Treasury sanctioned Russian zero-day exploit broker Operation Zero, its founder Sergey Zelenyuk, and affiliated entities after an FBI...

  • NewsFeb 20, 2026

    Pro-Russian Hacktivists Launch Sustained Cyber Campaign

    NoName057(16) and allied hacktivist groups are conducting DDoS attacks against Milan-Cortina 2026 Olympic infrastructure, Italian government sites, and...

  • NewsFeb 16, 2026

    APT28 Weaponizes Microsoft Office Zero-Day in 3 Days

    Russia-linked APT28 (Fancy Bear) weaponized Microsoft Office CVE-2026-21509 within days of disclosure, deploying espionage implants against Ukrainian...

  • NewsFeb 15, 2026

    Russian APT 'ChainReaver' Hijacks 50 GitHub Accounts and Mirrors

    A Russian state-sponsored APT group dubbed ChainReaver-L compromised trusted file-sharing mirrors and 50 long-established GitHub accounts to distribute...

  • NewsFeb 13, 2026

    All Four Major Nation-State Adversaries Now Weaponizing

    Google reports that APT groups from China, Russia, Iran, and North Korea are all actively using Gemini AI for cyber operations including target...

  • NewsFeb 13, 2026

    Russian-Linked CANFAIL Malware Targets Ukrainian Defense

    Google Threat Intelligence Group attributes a previously undocumented JavaScript malware called CANFAIL to a Russian-linked threat actor targeting...

  • NewsFeb 11, 2026

    Ex-L3Harris Executive Pleads Guilty to Selling Eight

    Peter Williams, former GM of L3Harris's cyber subsidiary Trenchant, admits to selling eight zero-day exploit kits to a Russian broker for $1.3M in...

  • SecurityFeb 10, 2026

    WinRAR Path Traversal Flaw CVE-2025-8088 Actively Exploited

    Critical path traversal vulnerability in WinRAR enables ransomware and credential theft as Russian and Chinese threat actors weaponize phishing campaigns...