Roman KApr 9
Військова розвідка ЧР прийняла участь у операції в рамках кібервійни з росією, разом з колегами з #США та інших країн.
Operation Masquerade проводилась в березні 2026 року і полягала у відновленні роутерів, хакнутих російськими хакерами з групи #APT28. Ця група, відома також під назвою #FancyBear, працює на російське #ГРУ, протягом 2025 року взяла під контроль тисячі роутерів #TPLink, які містили незалатані діри, і використовувала їх для перехоплення трафіку користувачів.
#hackers #cybersecurity
Hackread.comApr 8

📢 Russian-linked #ForestBlizzard hackers hijack home routers for global surveillance, as Microsoft warns that thousands of devices are compromised to intercept traffic and sensitive data.

Read: https://hackread.com/russian-forest-blizzard-hackers-hijack-home-routers/

#CyberSecurity #Hacking #Russia #FancyBear #Routers

Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying

Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying.

Hackread - Cybersecurity News, Data Breaches, AI and More
The New OilApr 8

Authorities disrupt router #DNS hijacks used to steal #Microsoft365 logins

https://www.bleepingcomputer.com/news/security/authorities-disrupt-dns-hijacks-used-to-steal-microsoft-365-logins/

#cybersecurity #Microsoft #MikroTik #TPLink #FrostArmada #Russia #FancyBear

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials.

BleepingComputer
Marcel SIneM(S)USApr 8
Warnung aus UK 🇬🇧 : Russische Cyberkriminelle kapern Router zum Passwort-Klau | heise online https://www.heise.de/news/Warnung-aus-UK-Russische-Cyberkriminelle-kapern-Router-zum-Passwort-Klau-11247959.html #CyberCrime #Russland 🇷🇺 #Russia 🇷🇺 #APT28 #ForestBlizzard #FancyBear #STRONTIUM #Sednit #Sofacy
Warnung aus UK: Russische Cyberkriminelle kapern Router zum Passwort-Klau

Das britische Cybersicherheitszentrum NCSC meldet Cyberangriffe auf Internetrouter. Die Bande aus Russland ist auch mehrerer Attacken in Deutschland verdächtig.

heise online
Analyst207Apr 7

Russian Hackers Exploit Router Flaws to Steal Microsoft Office Tokens

Russian hackers have been quietly stealing Microsoft Office tokens from users on over 18,000 networks by exploiting known flaws in older internet routers, and here's the kicker: they did it without installing any malicious software. This sneaky campaign, linked to Russia's military intelligence units, highlights the surprising…

https://osintsights.com/russian-hackers-exploit-router-flaws-to-steal-microsoft-office-tokens

#Russia #MicrosoftOffice #RouterVulnerabilities #Nationstate #FancyBear

Russian Hackers Exploit Router Flaws to Steal Microsoft Office Tokens

Russian hackers exploit router flaws to steal Microsoft Office tokens from 18,000 networks, learn how to protect your business from these attacks now.

OSINTSights
BennyApr 7

Ich hab noch TP-Link Hardware rumfliegen. Was muss für ne Übernahme durch #fancybear tun???

Ein bisschen cool ist es schon, wenn der #Verfassungsschutz dir einen Brief schickt, und um Vertraulichkeit bittet.

#tp_link #infosec

KrebsOnSecurity RSSApr 7

Russia Hacked Routers to Steal Microsoft Office Tokens

https://krebsonsecurity.com/2026/04/russia-hacked-routers-to-steal-microsoft-office-tokens/

#NationalCyberSecurityCentre #InternetofThings(IoT) #Ne'er-Do-WellNews #ALittleSunshine #MicrosoftOffice #LatestWarnings #TheComingStorm #BlackLotusLabs #ForestBlizzard #DannyAdamitis #RyanEnglish #FancyBear #MikroTik #TP-Link #APT28 #Lumen

Russia Hacked Routers to Steal Microsoft Office Tokens – Krebs on Security

Analyst207Apr 7

NCSC Warns of Russia's Ongoing Router Exploits

Russia's notorious hackers, Fancy Bear, are exploiting routers to steal passwords and sensitive information, compromising the security of countless individuals and organisations. With around 5,000 devices and 200 organisations already affected, experts warn that this latest threat is one to take seriously.

https://osintsights.com/ncsc-warns-of-russias-ongoing-router-exploits

#Russia #FancyBear #RouterExploits #Ncsc #Microsoft

NCSC Warns of Russia's Ongoing Router Exploits

NCSC warns of Russia's ongoing router exploits; protect your network now and learn how to safeguard against Fancy Bear's latest cyber attacks and data theft.

OSINTSights
ransomNewsMar 3
⚠️ New threat actor on the radar ⚠️ 🥷🏻 AiLock 🗓️ added on March 03, 2026 (first identified April 2025) 🥢 Overview Emerging ransomware group that publicly markets itself as "AI-assisted." Active since early 2025, it is suspected of having ties to the Russian state-associated threat actor #FancyBear
AI Daily PostFeb 26

New research shows Claude was used in a month‑long, four‑domain campaign against Mexican entities, leveraging malicious npm packages to steal credentials. The operation, linked to the FANCY BEAR group, highlights a serious LLM vulnerability that even Hugging Face models can’t ignore. Read the full analysis. #ClaudeAttack #npmMalware #FANCYBEAR #LLMVulnerability

🔗 https://aidailypost.com/news/claude-executed-monthlong-fourdomain-attack-mexico-linked-enterprise