Sandworm is a apt_group tracked across 46 threat clusters and 78 intelligence report mentions on ThreatCluster. First observed November 6, 2025; most recent activity July 14, 2026.
In late December 2025, Russian-linked hackers from the Sandworm group launched attacks using a new wiper malware named DynoWiper, specifically targeting a Polish energy company. The malware is designed to cause…
In December 2025, Poland's power grid was targeted by a sophisticated cyberattack attributed to Russia's Federal Security Service (FSB). The attack aimed to disrupt communication between renewable energy systems and…
The Russian state-backed hacking group Sandworm has intensified its operations against Ukrainian organizations by deploying data-wiping malware. This campaign targets critical sectors, including the grain industry, and…
Two Russia-aligned cyber campaigns are exploiting the WinRAR vulnerability CVE-2025-8088 against Ukrainian targets nearly a year after it was patched. The flaw, a path traversal vulnerability, allows attackers to write…
Forescout Technologies has identified 22 new vulnerabilities in serial-to-IP converters from Lantronix and Silex, which are widely used in critical sectors like healthcare and utilities. These vulnerabilities,…
The Gamaredon group, a Russian-aligned APT, has significantly upgraded its cyber capabilities in 2025, focusing on spear-phishing campaigns against Ukrainian targets. ESET Research reports that Gamaredon conducted 35…
The European Union has condemned and sanctioned Russia for a prolonged cyber espionage campaign targeting its member states. The campaign, orchestrated by the 16th Centre of the FSB, has involved infiltrating government…
The Russian state-sponsored group Sandworm has intensified its cyber operations against industrial and critical infrastructure, utilizing pre-compromised operational technology (OT) environments instead of zero-day…
Bauman Moscow State Technical University is revealed to host a secret department training students for the GRU, Russia's military intelligence. Leaked documents show that over 2,000 students have been trained in…
The Belarus-aligned cyber group FrostyNeighbor has launched a targeted campaign against government organizations in Ukraine and Poland since March 2026. Utilizing spearphishing techniques, the group delivers malicious…