Gamaredon is a apt_group tracked across 15 threat clusters and 20 intelligence report mentions on ThreatCluster. First observed November 6, 2025; most recent activity June 30, 2026.
The Russian state-backed hacking group Sandworm has intensified its operations against Ukrainian organizations by deploying data-wiping malware. This campaign targets critical sectors, including the grain industry, and…
Gamaredon, a Russian state-backed APT group, is actively exploiting a WinRAR vulnerability (CVE-2025-8088) to deploy malware against Ukrainian government and military targets. The attack begins with a spearphishing…
Two Russia-aligned cyber campaigns are exploiting the WinRAR vulnerability CVE-2025-8088 against Ukrainian targets nearly a year after it was patched. The flaw, a path traversal vulnerability, allows attackers to write…
The Gamaredon group, a Russian-aligned APT, has significantly upgraded its cyber capabilities in 2025, focusing on spear-phishing campaigns against Ukrainian targets. ESET Research reports that Gamaredon conducted 35…
Malaysia's cyber threat landscape is experiencing a structural shift due to rapid digital growth and geopolitical factors, making it a prime target for cyber attacks. A report from Cyfirma indicates that state-backed…
The Russian state-backed hacker group Sandworm has launched a campaign using data-wiping malware against Ukrainian organizations, particularly focusing on the grain sector. This attack aims to disrupt critical…
ESET Research reports a significant increase in Russian cyber attacks, particularly from the Gamaredon and Sandworm groups, which have utilized spearphishing as their primary attack method. Additionally, the Lazarus…
Councils have been warned of the urgent need to prepare for cyber attacks after a significant incident at Western Isles Council in November 2023. The Accounts Commission emphasized that councils should adopt a…
The CVE-2025-8088 vulnerability in WinRAR is being exploited by various threat actors for initial access and to deploy malware. The flaw allows attackers to use Alternate Data Streams to write malicious files to…
Research indicates that Russian APT group Gamaredon and North Korean Lazarus Group are collaborating by sharing operational infrastructure. This partnership marks a significant development in state-sponsored cyber…