New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone,...

Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill

A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian university builds drones for Russia's war against Ukraine. The Nerdify homepage. The link between essay mills and Russia...

The Mysterious Shortwave Radio Station Stoking US-Russia Nuclear Fears

A popular shortwave Russian radio station dubbed “UVB-76” has been an enigma for decades. But its recent messages have turned it into a tool for Kremlin saber-rattling...

Russia Is Cracking Down on End-to-End Encrypted Calls

Plus: ICE agents accidentally add a random person to a sensitive group chat, Norwegian intelligence blames the Kremlin for hacking a dam, and new facial recognition vans roam the UK...

Inside a Dark Adtech Empire Fed by Fake CAPTCHAs

Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new...

Russia Is Going All Out on Election Day Interference

Along with other foreign influence operations—including from Iran—Kremlin-backed campaigns to stoke division and fear have gone into overdrive...

The Shitposting Cartoon Dogs Sending Trucks, Drones, and Weapons to Ukraine’s Front Lines

The North Atlantic Fella Organization, which started as a way to fight Kremlin propaganda, has raised millions of dollars to send vital equipment directly to soldiers fighting Russia...

U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation

The U.S. Department of Justice DoJ said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. "The social media bot farm used elements of AI...

Russians Love YouTube. That’s a Problem for the Kremlin

YouTube remains the only major US-based social media platform available in Russia. It’s become "indispensable" to everyday people, making a ban tricky. Journalists and dissidents are taking advantage...

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to...

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard aka APT29 or Cozy Bear managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that...

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise's HPE cloud email environment to exfiltrate mailbox data. "The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes...

CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the...

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called...

Russia Sends Cybersecurity CEO to Jail for 14 Years

The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russias largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden fr...

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Nikita Kislitsin, formerly the head of network security for one of Russias top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsins prosecution could soon put the Kazakhstan government in a...

Russia’s Cyberwar Foreshadowed Deadly Attacks on Civilians

The Kremlin’s aggression in Ukraine is following a dangerous playbook that began to unfold years ago...

Russia’s Sway Over Criminal Ransomware Gangs Is Coming Into Focus

Questions about the Kremlin’s relationships with these groups remain. But researchers are finally getting some answers...

Ukraine Arrests Cybercrime Group for Selling Data of 30 Million Accounts

Ukrainian law enforcement authorities on Friday disclosed that it had "neutralized" a hacking group operating from the city of Lviv that it said acted on behalf of Russian interests. The group specialized in the sales of 30 million accounts belonging to citizens from Ukraine and the European Unio...

Russia continues digital onslaught against Ukrainian systems

According to Microsoft, at least six Kremlin-backed hacking groups have been attacking Ukraine in the digital space in an onslaught that began before the invasion in late February. The company counted more than 237 cyberattack operations against Ukrainian systems and critical infrastructure. Thes...