Signal is a organization tracked across 50 threat clusters and 174 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity July 15, 2026.
On April 22, 2026, the BSI and BfV reported an active phishing campaign targeting high-profile individuals in Germany via the Signal messaging app. The campaign, attributed to a likely state-sponsored actor, focuses on…
The European Union has condemned and sanctioned Russia for a prolonged cyber espionage campaign targeting its member states. The campaign, orchestrated by the 16th Centre of the FSB, has involved infiltrating government…
The US Department of State has announced a reward of up to $10 million for information on two Russian-linked hacking groups, UNC5792 and UNC4221, accused of phishing attacks on Signal and WhatsApp users. These groups…
German federal prosecutors have launched an investigation into a series of phishing attacks targeting politicians, military personnel, and journalists using the Signal messaging app. The attacks have reportedly…
In March 2026, the WhatsApp accounts of a federal MP and three staffers were compromised in a phishing attack believed to be orchestrated by a foreign state actor, likely Russia. The attack involved hackers requesting…
Ahead of Armenia's parliamentary elections on June 7, 2026, Russia is reportedly employing various tactics to undermine the electoral process. Disinformation campaigns, cyberattacks, and illicit political financing are…
Russian-backed hackers have launched a global cyber campaign aimed at compromising Signal and WhatsApp accounts of officials, military personnel, and journalists. The Dutch intelligence agencies, AIVD and MIVD, issued…
The FBI and CISA have issued a warning regarding a phishing campaign by Russian intelligence services targeting Signal users to steal Backup Recovery Keys. This escalation allows attackers to access victims' historical…
Bauman Moscow State Technical University is revealed to host a secret department training students for the GRU, Russia's military intelligence. Leaked documents show that over 2,000 students have been trained in…
Russian state-aligned threat groups are increasingly exploiting Remote Desktop Protocol (RDP), Virtual Private Networks (VPNs), and supply chain vulnerabilities to gain initial access to networks across various sectors,…