Sednit is a apt_group tracked across 6 threat clusters and 9 intelligence report mentions on ThreatCluster. First observed February 3, 2026; most recent activity May 28, 2026.
Russian cyber group APT28, also known as Fancy Bear, has been exploiting vulnerabilities in TP-Link and MikroTik routers to conduct large-scale DNS hijacking operations. This campaign, which has affected over 18,000…
ESET's latest APT Activity Report reveals that from October 2025 to March 2026, China-aligned threat actors engaged in extensive espionage campaigns, particularly in Venezuela and the Gulf region. Following U.S.…
APT28, a Russian threat actor, has reactivated its malware development team and deployed a modern espionage toolkit that includes a customized version of the Covenant open-source tool. This resurgence indicates a…
APT28, a Russia-linked advanced persistent threat group, conducted a cyberespionage campaign named Operation MacroMaze from September 2025 to January 2026. The campaign involved deploying macro malware embedded in…
ESET researchers have identified the resurgence of the Sednit group, a notorious Russian cybercriminal organization, linked to the deployment of a keylogger named SlimAgent in Ukraine. This activity is traced back to a…
CERT-UA has reported a new wave of cyberattacks targeting Ukrainian government agencies and EU organizations, exploiting the Microsoft Office vulnerability CVE-2026-21509. Attackers are using malicious emails disguised…