⚠️ New threat actor on the radar ⚠️
🥷🏻 AiLock
🗓️ added on March 03, 2026 (first identified April 2025)
🥢 Overview
Emerging ransomware group that publicly markets itself as "AI-assisted." Active since early 2025, it is suspected of having ties to the Russian state-associated threat actor #FancyBear

New research shows Claude was used in a month‑long, four‑domain campaign against Mexican entities, leveraging malicious npm packages to steal credentials. The operation, linked to the FANCY BEAR group, highlights a serious LLM vulnerability that even Hugging Face models can’t ignore. Read the full analysis. #ClaudeAttack #npmMalware #FANCYBEAR #LLMVulnerability

🔗 https://aidailypost.com/news/claude-executed-monthlong-fourdomain-attack-mexico-linked-enterprise

Russian BlueDelta (Fancy Bear) uses PDFs to steal logins in just 2 seconds, targeting energy and research professionals globally.

Read: https://hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/

#BlueDelta #FancyBear #Phishing #CyberSecurity #Russia


Taming the problem bear: "The Russians did it" is not enough

The German federal government holds Russia responsible for cases of disinformation and cyberattacks. In some cases the attribution took a very long time.

heise online

Attacks by APT28 and co.: What the German federal government accuses Russia of

Fake news, fake videos and a cyberattack: The German federal government attributes hybrid attacks to Russia, including attacks on the Bundestag election campaign.

heise online

That reminds me of a German politician from the past who, after the USA's espionage activities against its allies were made public and talks followed, said in essence: "We talked it over and they promised never to do it again."

Major cyberattack: #Bundesregierung (German federal government) summons Russia's ambassador | heise online https://www.heise.de/news/Grosser-Cyberangriff-Bundesregierung-bestellt-Russlands-Botschafter-ein-11113565.html #CyberWar #Russland 🇷🇺 #Russia 🇷🇺 #Desinformationen #Desinformation #FakeNews #FancyBear #Storm1516 #Demokratie #democracy #APT28

Major cyberattack: German federal government summons Russia's ambassador

After a major cyberattack and a disinformation campaign were attributed to Russia, the German federal government summoned the ambassador on Friday.

heise online

“World-class” Russian Fancy Bear hacker wanted by FBI and arrested in Thailand is likely GRU officer Aleksey Lukashev

On Nov. 12, Thai cyber police announced the arrest of a 35-year-old Russian citizen on the island of Phuket, adding that the unnamed suspect stands wanted in the United States on charges of hacking government institutions in Europe and the U.S.

https://theins.ru/en/news/286815

#FancyBear #hacker

“World-class” Russian hacker wanted by FBI and arrested in Thailand is likely GRU officer Aleksey Lukashev

On Nov. 12, Thai cyber police announced the arrest of a 35-year-old Russian citizen on the island of Phuket, adding that the unnamed suspect stands wanted in the United States on charges of hacking government institutions in Europe and the U.S. The Russian national was detained in a joint operation with the FBI, which had informed Thai authorities that he had entered the country on Oct. 30 and checked into a hotel in the Thalang District. The independent outlet Vot Tak noted that among the GRU hackers officially wanted by the FBI, only one matches the age stated by Thai police — Aleksey Lukashev.

The Insider

GONEPOSTAL Malware Espionage | Cyber | Kroll

Kroll has observed GONEPOSTAL malware used in an espionage campaign attributed to KTA007 (Fancy Bear, APT28).

Kroll

Cato CTRL™ Threat Research: Analyzing LAMEHUG | Cato Networks

"First Known LLM-Powered Malware with Links to APT28 (Fancy Bear)"

https://www.catonetworks.com/blog/cato-ctrl-threat-research-analyzing-lamehug/

#APT28 #FancyBear #AI #LLM #Lamehug #HuggingFace

Cato CTRL™ Threat Research: Analyzing LAMEHUG – First Known LLM-Powered Malware with Links to APT28 (Fancy Bear) 

LAMEHUG is an LLM-powered malware discovered by the Computer Emergency Response Team of Ukraine (CERT-UA). According to CERT-UA, LAMEHUG has links to APT28 (Fancy Bear).

Cato Networks