CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Blurring Lines Between Scattered Spider & Russian Cybercrime Description: The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider's ties to the Russian cybercrime underground. Source: Dark Reading May 27th, 2025 (17 days ago)
	CISA: Russia's Fancy Bear Targeting Logistics, IT Firms Description: The mission is to gather information that could help Russia in its war against Ukraine. Source: Dark Reading May 27th, 2025 (17 days ago)
	Russian Threat Actor TAG-110 Goes Phishing in Tajikistan Description: While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" by embedding itself in other countries' infrastructures. Source: Dark Reading May 27th, 2025 (17 days ago)
	Danabot Takedown Deals Blow to Russian Cybercrime Description: A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet's US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise. Source: Dark Reading May 27th, 2025 (17 days ago)
	Russian hospital programmer gets 14 years for leaking soldier data to Ukraine Description: A Russian court sentenced a former hospital programmer to 14 years in a high-security penal colony for allegedly leaking personal data of Russian soldiers to Ukraine, authorities said. Source: The Record May 27th, 2025 (17 days ago)
	New Russian cyber-spy crew Laundry Bear joins the email-stealing pack Source: TheRegister May 27th, 2025 (17 days ago)
	Dutch intelligence unmasks previously unknown Russian hacking group 'Laundry Bear' Description: Recent attacks on institutions in the Netherlands were the work of a previously unknown Russian hacking group that Dutch intelligence agencies are labeling Laundry Bear. Microsoft also reported on the group, naming it Void Blizzard. Source: The Record May 27th, 2025 (17 days ago)
	Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages Description: Microsoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to "worldwide cloud abuse." Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian government objectives, Source: TheHackerNews May 27th, 2025 (17 days ago)
	Russian Void Blizzard cyberspies linked to Dutch police breach Description: A previously unknown Russian-backed cyberespionage group now tracked as Void Blizzard has been linked to a September 2024 Dutch police security breach. [...] Source: BleepingComputer May 27th, 2025 (18 days ago)
	Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents Description: The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor's previously documented use of an HTML Application (.HTA) loader dubbed HATVIBE, Recorded Future's Insikt Group said in an analysis. "Given TAG-110's historical Source: TheHackerNews May 27th, 2025 (18 days ago)