Lumma Stealer is a malware family tracked across 46 threat clusters and 73 intelligence report mentions on ThreatCluster. First observed November 3, 2025; most recent activity July 17, 2026.
In December 2025, Poland's power grid was targeted by a sophisticated cyberattack attributed to Russia's Federal Security Service (FSB). The attack aimed to disrupt communication between renewable energy systems and…
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The…
On June 18, 2026, international law enforcement agencies launched Operation Endgame, disrupting the SocGholish malware infrastructure linked to the Russian cybercrime group Evil Corp. The operation resulted in the…
The European Union has condemned and sanctioned Russia for a prolonged cyber espionage campaign targeting its member states. The campaign, orchestrated by the 16th Centre of the FSB, has involved infiltrating government…
On July 13, 2026, the EU sanctioned VKontakte and its subsidiary Communication Platform LLC for developing the Max messaging app, which is linked to extensive surveillance and repression in Russia. The app, supervised…
On July 13, 2026, the U.S. Treasury's Office of Foreign Assets Control (OFAC) sanctioned First VPN Service (1VPNS), its administrator Dmytro Rashevskyi, and malware provider Yegeniy Vladimirovich Silayev for enabling…
On March 20, 2026, the U.S. Justice Department, in collaboration with law enforcement from Canada and Germany, announced the dismantling of four significant botnets: Aisuru, KimWolf, JackSkid, and Mossad. These botnets…
A coordinated international effort led by Microsoft and Europol has dismantled Tycoon2FA, a significant phishing-as-a-service platform responsible for bypassing multi-factor authentication and enabling large-scale…
In January 2026, the Chronus Group executed a significant data breach against the Mexican government, compromising 2.3 terabytes of sensitive data from at least 25 agencies. The breach exposed personal information of up…
A significant cybersecurity campaign has emerged, exploiting the legitimate remote access tool ScreenConnect to deploy AsyncRAT malware. Attackers utilized spoofed websites and typosquatted domains, masquerading as…