https://securityaffairs.com/58435/apt/cracking-apt28-traffic.html
Cracking APT28 traffic in a few seconds
Oct 22, 2017 - Security experts from security firm Redsocks published an interesting report on how to crack APT28 traffic in a few seconds.
in acrackingapt28trafficseconds
https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202
A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 | Akamai
Akamai researchers reveal how an incomplete patch for APT28's zero-day led to CVE-2026-32202, a zero-click vulnerability enabling NTLM authentication coercion.
https://thehackernews.com/2026/03/apt28-tied-to-cve-2026-21513-mshtml-0.html?version=meter+at+null
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
https://thehackernews.com/2023/09/ukraines-cert-thwarts-apt28s.html
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure
Ukraine's CERT-UA fends off a cyberattack on a critical energy infrastructure. Learn how a phishing email led to an infiltration attempt by APT28.
critical energyukrainecertthwartsapt28
https://thehackernews.com/2025/05/russia-linked-apt28-exploited-mdaemon.html?version=meter+at+null
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
APT28 exploited MDaemon zero-day CVE-2024-11182 in targeted webmail hacks across 10+ nations.
zero day
https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html?ref=blog.emberlake.ky
Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat
Nations unite to warn against the MooBot botnet threat targeting Ubiquiti EdgeRouters.
cybersecurity agenciesubiquiti edgerouterwarn
https://thehackernews.com/2026/03/apt28-uses-beardshell-and-covenant.html?ref=blog.netmanageit.com
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.
covenant malwareapt28usesbeardshell
https://thehackernews.com/2026/02/apt28-uses-microsoft-office-cve-2026.html
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.
microsoft office
https://securityaffairs.com/178165/apt/russia-linked-apt28-targets-western-logistics-entities-and-technology-firms.html
Russia-linked APT28 targets western logistics entities and technology firms
May 22, 2025 - CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains
russialinkedapt28targetswestern
https://securityaffairs.com/58322/hacking/apt28-hacked-denmark-defense-ministry.html
Denmark blamed Russia APT28 group for cyber intrusions in Defense Ministry Emails
Oct 23, 2017 - Denmark on Monday denounced Russia after the publication of a report that accused Russian APT28 of hacking the defense ministry's email accounts.
https://securityaffairs.com/52133/cyber-crime/tv5monde-cyber-attack.html
The France TV5Monde was almost destroyed by the Russian APT28 group
Oct 11, 2016 - The TV5Monde director-general has told the BBC that his TV was almost destroyed by a targeted cyber attack conducted by the Russian APT28 group.
francetv5mondealmostdestroyedrussian
https://www.golem.de/news/apt28-hackergruppe-soll-cdu-angegriffen-haben-1605-120872.html
APT28: Hackergruppe soll CDU angegriffen haben - Golem.de
Die Gruppe APT28, die auch mit dem Bundestags-Hack in Verbindung gebracht wird, soll die deutsche Regierungspartei CDU angegriffen haben. Ob die...
apt28sollcduhabengolem
https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html?ref=secretciso.org
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
IBM X-Force uncovers extensive phishing campaigns by APT28, targeting Europe, the South Caucasus, Central Asia, and the Americas.
hacker groupapt28targetingeurope
https://securityaffairs.com/52133/hacking/tv5monde-cyber-attack.html
The France TV5Monde was almost destroyed by the Russian APT28 group
Oct 11, 2016 - The TV5Monde director-general has told the BBC that his TV was almost destroyed by a targeted cyber attack conducted by the Russian APT28 group.
francetv5mondealmostdestroyedrussian
https://www.sentinelone.com/blog/here-we-go-crimeware-apt-journey-from-robbinhood-to-apt28/
From "RobbinHood" to APT28: Crimeware Virus & APT Journey
Oct 27, 2022 - What is crimeware? Vitali Kremez explores Golang malware through a comparison of Robbinhood ransomware to APT 28. Learn more here.
apt28crimewarevirusjourney
https://www.akamai.com/blog/security-research/incomplete-patch-apt28s-zero-day-cve-2026-32202
A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 | Akamai
Akamai researchers reveal how an incomplete patch for APT28's zero-day led to CVE-2026-32202, a zero-click vulnerability enabling NTLM authentication coercion.
https://thehackernews.com/2026/04/russian-state-linked-apt28-exploits.html?version=meter+at+null
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage.
russian statesoho routers
https://securityaffairs.com/59820/apt/apt28-targets-montenegro.html
Russia Linked hacker group APT28 continues to target Montenegro
Oct 22, 2017 - Once again, Montenegro was targeted by the Russia-linked hacker group APT28, according to the experts it is just the beginning.
hacker grouprussialinkedapt28continues
https://www.infosecurity-magazine.com/news/russian-apt28-exploits-outlook-bug/
Russian APT28 Exploits Outlook Bug to Access Exchange - Infosecurity Magazine
Dec 5, 2023 - Notorious Russian APT28 group is actively exploiting CVE-2023-23397 to hijack Exchange email accounts
to accessrussianapt28exploitsoutlook
https://hackread.com/op-neusploit-russia-apt28-microsoft-office-malware/
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks
Feb 3, 2026 - A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in...
microsoft officeoprussianapt28uses
https://cyberscoop.com/apt28-targeted-montenegros-government-joined-nato-researchers-say/?category_news=news
APT28 targeted Montenegro's government before it joined NATO, researchers say | CyberScoop
Jun 6, 2017 - As Montenegro preprepared to join NATO, a hacking group linked to Russian intelligence was actively engaged in a cyber espionage campaign against Montenegrin...
https://securityaffairs.com/94747/apt/evolutions-apt28-attacks.html
The evolutions of APT28 attacks .... ..... .... .... .... .... ....
Dec 5, 2019 - Analyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over the time. ...
evolutionsapt28attacks
https://securityaffairs.com/61924/breaking-news/apt28-hotels-guests.html
APT28 hackers are leveraging NSA Hacking tool to spy on Hotels guests
Oct 4, 2017 - According to FireEye, the notorious Russia-linked APT28 group is behind an ongoing campaign targeting hotels in several European countries.
hacking tool
https://securityaffairs.com/155254/apt/apt28-outlook-hijack-ms-exchange-accounts.html
Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts
Dec 5, 2023 - Microsoft warns that Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts
https://thehackernews.com/2026/04/russian-state-linked-apt28-exploits.html?m=0
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage.
russian statesoho routers
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/apt28-threat-group-adopts-dde-technique-nyc-attack-theme-in-latest-campaign/
Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack
May 28, 2025 - While monitoring activities around APT28, we identified a malicious Word document that leverages the Microsoft Office DDE technique.
https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
CERT-UA has issued a warning regarding Russian cyber attacks targeting Ukrainian government entities through phishing emails disguised as updates.
ukrainian governmentwindows updateapt28targetsentities