Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Western cyber aid to Ukraine faces strain as Russia's war drags on
Description: As the war between Russian and Ukraine continues, Western cyber support is waning, raising growing concerns about the long-term effectiveness of these efforts.
Source: The Record
April 2nd, 2025 (15 days ago)
Russia tightens cybersecurity measures as financial fraud hits record high
Description: Vladimir Putin signed a law on Monday that prohibits state institutions, banks and others from using foreign messaging apps when communicating with customers.
Source: The Record
April 1st, 2025 (16 days ago)
Digital disruptions continue for Russian transportation, this time at state railway
Description: A day after an incident affected the Moscow subway system, Russian state railway RZD said a distributed denial-of-service (DDoS) attack disrupted its website and app.
Source: The Record
April 1st, 2025 (16 days ago)
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
Description: The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. "The threat actor deploys payloads primarily by means of

CVSS: HIGH (7.0)

EPSS Score: 1.47%

Source: TheHackerNews
March 31st, 2025 (17 days ago)
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
Description: Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. "The file names use Russian words related to the movement of troops in Ukraine as a lure," Cisco Talos researcher Guilherme Venere said in a report published last week. "The PowerShell downloader contacts geo-fenced servers located in Russia and Germany to
Source: TheHackerNews
March 31st, 2025 (17 days ago)
Firefox fixes flaw similar to Chrome zero-day used against Russian organizations
Description: Developers of Mozilla's Firefox say that reports on a Google Chrome zero-day vulnerability led them to find a similar bug for the Windows version of their browser.
Source: The Record
March 28th, 2025 (20 days ago)
After Chrome patches zero-day used to target Russians, Firefox splats similar bug
Source: TheRegister
March 28th, 2025 (21 days ago)
Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes
Description: Russian authorities said they arrested three people and seized hardware in an operation against Mamont malware, which specializes in stealing money from Android device users.
Source: The Record
March 27th, 2025 (21 days ago)
Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit
Description: “We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we’ve encountered,” researchers from Kaspersky said in their analysis published Tuesday.
Source: The Record
March 27th, 2025 (21 days ago)
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Description: The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor's tradecraft. The activity, observed by Romanian cybersecurity company Bitdefender, involves the deployment of a never-before-seen ransomware strain dubbed QWCrypt. RedCurl, also called Earth Kapre and Red Wolf, has a history of orchestrating
Source: TheHackerNews
March 26th, 2025 (22 days ago)