Operation Endgame, a coordinated law enforcement action by Netherlands, Canada, US, and Germany, disrupted TA569's SocGholish web inject infrastructure by taking down over 100 servers and remediating 14,971 compromised websites. TA569 compromises legitimate websites—often WordPress installations—to inject obfuscated JavaScript that presents fake browser update pages to visitors, ultimately delivering GhoLoader malware which can lead to ransomware deployments. The attack chain leverages traffic direction systems (TA2726's Keitaro TDS and ParrotTDS) for victim filtering and uses advanced client-side blob URL construction to evade sandbox detection and network-based download tracing.
The Armored Likho APT group deploys a previously undocumented Python-based infostealer called BusySnake Stealer against government agencies and electric power sector organizations in Russia, Brazil, and Kazakhstan. The malware uses PyArmor Pro obfuscation, AI-generated first-stage loaders hosted on GitHub, and a modular C2 architecture to steal browser credentials, cookies, cryptocurrency wallets, 2FA secrets, Telegram data, and screenshots. The campaign demonstrates evolving TTPs including in-memory Python script execution, COM-based scheduled task persistence, and integrated reverse SSH tunneling that receives keys directly from the C2 server.
AI is not fundamentally changing adversary capabilities but is compressing attack timelines, lowering operational costs, and scaling existing tactics. Breakout times have dropped to an average of 29 minutes, with AI-enabled operations increasing 89% year-on-year. The most significant emerging threats are runtime-LLM malware (PROMPTSTEAL/LAMEHUG, QUIETVAULT) that query language models during execution, and agentic AI operations (GTG-1002) where AI agents conduct multi-stage intrusions with minimal human steering. Defenders face a dual pressure: faster attacks and an expanding attack surface from AI supply-chain dependencies.
Google Threat Intelligence Group analyzed STOCKSTAY, a modular .NET backdoor developed and operated by Turla since late 2022, which uses a WebSocket-based C2 channel, RSA/AES encrypted communications, and IPC via WM_COPYDATA between its downloader, orchestrator, tunneler, and backdoor components. STOCKSTAY exhibits strong code, architectural, and obfuscation (K1MORPHER) overlaps with KAZUAR, suggesting a shared development team, and has been deployed via phishing (malicious RDP files, HTA lures) and, most recently, exploitation of CVE-2025-8088 in WinRAR to target Ukrainian military personnel. The actor leverages legitimate hosting platforms (Render, Glitch, GitHub) and compromised third-party/government infrastructure to obscure C2 infrastructure and complicate attribution.
Google Threat Intelligence Group analyzes the evolution of the pro-Russia influence ecosystem four years into the full-scale invasion of Ukraine, identifying a pivot from war-focused operations back to global strategic objectives targeting the West, NATO, and the EU. The ecosystem comprises six interconnected components — overt media, covert IO campaigns, hacktivism, cyber espionage, government direction, and outsourced proxies — that cross-promote and amplify narratives. Key trends include the increasing use of generative AI for content creation, the blending of cyber espionage with influence operations via hack-and-leak tactics, and the outsourcing of capability development to contractors like NTC Vulkan for plausible deniability.
Gamaredon, a Russia-aligned APT group attributed to the FSB, maintained high operational tempo throughout 2025 with 35 spearphishing campaigns exclusively targeting Ukrainian government and military institutions. The group introduced six new PowerShell tools, resurrected the PteroSetup VBScript weaponizer for lateral movement, and began abusing CVE-2025-8088 (WinRAR) for persistence via the Startup folder. A significant infrastructure evolution occurred: C&C servers are now hidden behind tunnel services (Cloudflare tunnels, Cloudflare workers, Microsoft devtunnels, Loophole) and dead-drop resolutions on legitimate platforms (Telegram, Telegra.ph, Rentry, GoFile, Dropbox, and others), while stolen data is exfiltrated to S3-compatible cloud storage (Wasabi, Tebi, Intercolo) rather than attacker-owned servers.
AI Attacked and Abused While Perimeter Authentication Collapses
The month's defining shift was the emergence of AI as a two-sided battlefield: organizations deployed AI tools faster than they secured them, while attackers weaponized the same technology against defenders. Critical flaws in LangGraph allowed SQL injection chained to remote code execution, M365 Copilot could be turned into a one-click data exfiltration weapon via SearchLeak, and Langflow was exploited to deploy cryptominers. Meanwhile, the ongoing Shai-Hulud campaign injected prompts to blind AI malware scanners, macOS.Gaslight turned prompt injection against human analysts, and Russia's APT28 began experimenting with LLM-integrated malware. At the same time, perimeter authentication collapsed at scale: FortiBleed exposed credentials for over 73,000 FortiGate firewalls, CVE-2026-50751 let attackers bypass Check Point VPN authentication entirely, and ShinyHunters exploited an Oracle PeopleSoft zero-day across over 100 organizations.
Supply chain attackers followed developers to their new AI tools, compromising the ecosystems where code is written and built. The Shai-Hulud/Miasma worm expanded from npm into PyPI and injected persistent backdoors into AI coding assistant configurations, while North Korea's Sapphire Sleet compromised over 140 Mastra npm packages to steal cryptocurrency wallets, and the ongoing GlassWorm campaign pivoted to WebAssembly malware in VS Code extensions using the Solana blockchain as command-and-control. Social engineering also industrialized: the ErrTraffic framework turned ClickFix deception into a Malware-as-a-Service operation with blockchain dead drops, and EvilTokens hid phishing flows inside browser-side encryption to defeat network scanners while hijacking Microsoft device-code authentication.
Organizations should treat AI deployments as untrusted perimeter assets—restrict their network access, audit third-party skills and extensions, and assume prompt-injection attacks will target both automated scanners and human analysts. Every internet-facing VPN, firewall, and edge appliance should be patched immediately, with credentials rotated and phishing-resistant MFA enforced, because perimeter authentication failures now cascade directly into internal network compromise.
A widespread malware campaign is leveraging compromised WhatsApp accounts to distribute malicious VBScript files disguised as financial documents. The multi-stage infection chain abuses legitimate Windows utilities to download payloads, attempts to bypass UAC via registry modifications, and ultimately deploys a preconfigured ManageEngine Endpoint Central RMM agent to establish persistent remote access.
The FortiBleed campaign involves the exposure of valid administrative and SSL VPN credentials for over 73,000 FortiGate firewalls worldwide. A Russian-speaking threat group intercepted authentication hashes, likely via exported configuration files, and cracked them offline using Hashtopolis to gain initial access. Subsequent post-compromise activity targeted internal Active Directory environments with enumeration, password spraying, and SMB/DFS data collection scripts.
A newly discovered Windows loader, OXLOADER, is being distributed via malicious Google Ads impersonating Node.js to deliver the CASTLESTEALER infostealer. The loader utilizes advanced evasion techniques, including control-flow flattening, anti-sandbox checks, and staging shellcode within the .reloc section of a copied system DLL, to maintain low detection rates across static engines.
Operation Endgame successfully disrupted the SocGholish (TA569) initial access framework, which relies on compromised WordPress sites and Traffic Distribution Systems (TDS) to deliver fake browser updates. The threat actor utilizes domain shadowing and a multi-stage JScript payload to establish footholds, primarily targeting corporate environments during standard work weeks to facilitate follow-on ransomware deployment.
Insikt Group's analysis of the global state digital surveillance landscape identifies 31 countries as high or very high risk, driven by the proliferation of commercial spyware, network interception technologies, and AI-powered data aggregation. The report outlines five primary surveillance vectors—network, endpoint, platform, public space, and data aggregation—and highlights the increasing threat to foreign nationals and business travelers, necessitating strict device management and travel security protocols.
The NCSC CEO reported that approximately 75% of the 200+ cyber incidents affecting UK critical national infrastructure over the past year were linked to hostile state actors such as Russia, China, and Iran. The NCSC warns that unpatched legacy systems pose a severe risk, particularly as AI-enabled cyber capabilities are projected to accelerate the exploitation of known vulnerabilities at scale by 2028.
Cybercriminals are abusing the 'application wallpapers' feature of Wallpaper Engine on Steam Workshop to distribute malware, including DarkKomet, Lumma, and Vidar. The malicious wallpapers drop backdoors and patched system libraries to hijack active Steam sessions, primarily targeting gamers in China and Russia.
This threat intelligence report highlights multiple critical vulnerabilities and active exploits, including a zero-day in Oracle PeopleSoft (CVE-2026-35273) exploited by ShinyHunters and an IKEv1 authentication bypass in Check Point VPNs (CVE-2026-50751) linked to Qilin ransomware. Additionally, the report details emerging AI-driven threats, a supply-chain compromise in the Arch User Repository deploying eBPF rootkits, and widespread patching efforts by Microsoft and Veeam.
Perimeter Auth Collapse and AI-Driven Deception Shift the Battlefield
The security perimeter cracked open this week as critical authentication bypasses in Check Point VPNs, Ivanti Sentry, and Palo Alto GlobalProtect gave attackers a free pass into corporate networks, with Qilin ransomware already exploiting one to launch real attacks.
At the same time, AI became the year's most versatile weapon: criminals used ChatGPT and Claude brands as phishing lures, researchers proved AI email assistants will hand over corporate secrets to impersonators, and the Shai-Hulud campaign began injecting fake prompts to blind AI-powered security scanners.
Patch edge VPN appliances immediately, treat AI agents as high-risk insiders, and hunt for device-code authentication events that bypass normal credential checks.
Sanctions Evasion Networks (SENs) supporting Iranian and Russian shadow fleets are operating a complex ecosystem of inauthentic websites to bypass maritime compliance. These networks impersonate legitimate maritime authorities and utilize automated document generation tools to produce fraudulent ship and seafarer certificates, complicating detection by regulatory and enforcement bodies.
Sekoia's Threat Detection & Research team details the two-decade evolution of APT28's tradecraft, highlighting a strategic shift from monolithic implants to disposable, single-purpose tools and compromised edge-router infrastructure. Recent operations demonstrate a return to custom cloud-resident backdoors and novel experimentation with LLM-driven infostealers.
The cyber risk landscape for 2026 is heavily influenced by regional conflicts, with PRC actors pre-positioning in critical infrastructure edge devices for strategic leverage. Russian actors are escalating hybrid warfare and OT/ICS disruption across Europe, while Iranian groups have decentralized to conduct wiper attacks and target cloud infrastructure. Concurrently, eCrime actors are exploiting these geopolitical tensions to deploy ransomware and infostealers, increasingly targeting hypervisors and industrial operations.
Multiple Russia-aligned threat actors, including SHADOW-EARTH-066 and Earth Dahu, are actively exploiting a patched WinRAR path traversal vulnerability (CVE-2025-8088) to target Ukrainian organizations. The attackers use crafted RAR archives with NTFS Alternate Data Streams to silently drop malicious payloads, such as the evolved GIFTEDCROOK infostealer or HTA-based espionage tools, into the Windows Startup folder and ProgramData directories.
This threat intelligence report highlights active exploitation of critical vulnerabilities, including a Windows Netlogon RCE (CVE-2026-41089) and an Android Framework flaw. It also details significant data breaches affecting DentaQuest and the UN WFP, emerging AI-driven threats such as EDR evasion labs, a supply chain compromise of the Hola browser, and Iranian state-sponsored espionage operations utilizing Dutch hosting infrastructure.
Gamaredon, an FSB-linked threat actor, has deployed a highly evasive, fileless stealer dubbed GammaSteel targeting Ukrainian entities. The malware leverages Windows DPAPI to encrypt and stage payloads within the registry, actively monitoring local, network, and USB drives for sensitive documents to exfiltrate via legitimate cloud services and dynamic C2 infrastructure.
Check Point Research uncovered a large-scale malware distribution ecosystem that uses search engine optimization and impersonated open-source project sites to drive traffic to a sophisticated Traffic Distribution System (TDS). The TDS employs click hijacking and strict gating to selectively deliver malware, including the SessionGate loader, RemusStealer, and AnimateClipper, while actively evading automated analysis through one-time key releases and file inflation.
Gamaredon, a Russia-nexus threat actor, utilizes a multi-stage VBScript loader framework named GammaLoad to establish persistent access and deploy subsequent payloads like GammaSteel. The infection chain leverages Dead Drop Resolvers on legitimate platforms, stores C2 configurations in the Windows Registry, and uses Alternate Data Streams (ADS) combined with Scheduled Tasks for stealthy execution.
A newly discovered malware campaign dubbed Argamal targets users downloading adult games, utilizing DLL sideloading and COM hijacking to deploy a sophisticated Remote Access Trojan (RAT). The malware establishes persistence by hijacking the Windows Color System Calibration Loader and grants attackers full system control, including surveillance, file exfiltration, and arbitrary command execution.
ESET researchers presented evidence of a 2025 espionage alliance between Russian state-aligned actors Gamaredon and Turla targeting Ukraine. Gamaredon utilized its lightweight custom tooling, including PteroGraphin and PteroOdd, to deploy Turla's Kazuar backdoor and maintain persistence for Turla's advanced espionage operations.
The operators behind the Kali365 Phishing-as-a-Service (PhaaS) kit have expanded their infrastructure to target a wider array of services, including Microsoft 365, Okta, and Russia's MAX Messenger. The threat actors utilize OAuth 2.0 device authorization grant abuse and fake prize-claim lures to bypass MFA and exfiltrate credentials via Telegram.
This threat intelligence bulletin highlights a surge in data breaches driven by social engineering, alongside the increasing weaponization of AI tools for phishing, malware development, and supply chain attacks. Active exploitation of vulnerabilities in PAN-OS GlobalProtect and Ghost CMS has been observed, while a critical unpatched RCE in Gogs remains a significant risk. Additionally, targeted campaigns like Grandoreiro and JINX-0164 continue to threaten the financial and cryptocurrency sectors using platform-specific malware and DLL side-loading.
Gamaredon (FSB) is conducting an ongoing cyberespionage campaign against Ukrainian targets using a modular, fileless infection chain. The attack leverages HTML smuggling and archive path traversal (CVE-2025-8088) for initial access, followed by the deployment of GammaWorm, which utilizes NTFS Alternate Data Streams (ADS) and Dead Drop Resolvers (DDRs) on legitimate platforms for persistence, propagation, and C2 communication.
Session Hijacking and Developer Tool Poisoning Collapse Authentication Trust
This week, attackers proved that multi-factor authentication is no longer a reliable gatekeeper. Campaigns like Tycoon 2FA and Chinese-language PhaaS platforms intercept one-time passwords in real time and steal session tokens to maintain persistent access, while infostealers like EKZ Infostealer harvest browser cookies to bypass authentication entirely. Even when victims reset passwords and revoke sessions, attackers retain access through hidden device registrations — meaning standard incident response playbooks are now incomplete.
Developers remain the preferred entry point for supply chain compromise. The Glassworm botnet was disrupted after hiding malware in VSCode extensions and npm packages, while the Megalodon campaign poisoned GitHub Actions workflows across 5,500 repositories. A malicious Sicoob.Sdk NuGet package stole banking certificates from Brazilian developers, and North Korea's Lazarus group compromised the widely used axios npm library — a single attack touching millions of downstream applications.
Organizations must move beyond password-and-MFA reliance: adopt hardware security keys, shorten session lifetimes, delete attacker-registered devices before resetting credentials, and audit developer toolchains and CI/CD pipelines for tampering.
WithSecure identified GREYVIBE, a Russia-nexus threat group targeting Ukrainian entities using spear-phishing, ClickFix, and fraudulent websites. The group systematically leverages Generative AI to develop custom malware (PhantomRelay, LegionRelay, FallSpy) and obfuscators, blending state-aligned intelligence gathering with cybercrime ecosystem overlaps.
The 2026 FIFA World Cup presents a massive, multi-jurisdictional attack surface threatened by state-nexus disruptive operations and financially motivated cybercrime. Key risks include Iran-aligned actors targeting municipal OT infrastructure, pro-Russian hacktivists launching high-volume DDoS attacks against tournament services, and cybercriminals deploying ransomware against the hospitality supply chain.
CrowdStrike, in collaboration with Google and Shadowserver, successfully dismantled the Glassworm botnet, a highly resilient threat targeting software developers. The threat actors utilized trojanized IDE extensions and malicious package dependencies to deploy GlasswormRAT, leveraging a complex C2 infrastructure spanning the Solana blockchain, BitTorrent DHT, and Google Calendar to maintain persistent access to developer environments.
Russian threat actor UTA0355 is conducting targeted phishing campaigns against foreign policy and government professionals by spoofing European security conferences. The attackers use rapport-building techniques and out-of-band messaging to trick victims into authorizing malicious Microsoft 365 OAuth applications and Device Code workflows, granting unauthorized access to their accounts.
ROADtools is an open-source Python framework designed for Entra ID exploration that has been co-opted by nation-state threat actors like APT29 and APT33. Attackers leverage its modules to conduct extensive directory reconnaissance, register rogue devices for persistence, and manipulate OAuth tokens to bypass interactive authentication controls such as MFA. Detection relies on identifying anomalous Microsoft Graph API queries, unusual user-agent strings, and default device registration artifacts.
The Cloud Atlas APT group has updated its toolset in 2025-2026 campaigns targeting Russia and Belarus, utilizing LNK-based phishing to deploy VBCloud and PowerShower backdoors. The group establishes persistent access by patching termsrv.dll for concurrent RDP sessions and heavily relies on reverse SSH, RevSocks, and Tor for redundant C2 channels. Additionally, a new PowerShell tool named PowerCloud is used to exfiltrate administrator data to Google Sheets.
WantToCry is a remote ransomware operation that targets internet-exposed SMB services using brute-force authentication. Instead of deploying local malware, attackers exfiltrate files, encrypt them on their own infrastructure, and write the encrypted versions back to the victim's network via authenticated SMB sessions, effectively bypassing traditional process-based EDR detections.
Kazuar is a sophisticated, modular P2P botnet attributed to the Russian state-sponsored actor Secret Blizzard. It utilizes a tripartite architecture (Kernel, Bridge, Worker) and a leader election mechanism to minimize external C2 traffic, relying on Mailslots, Window Messaging, and Named Pipes for internal communication and HTTP, WSS, or EWS for external C2.
Threat Activity Enablers (TAEs) are infrastructure providers that deliberately support malicious cyber operations by offering resilient, bulletproof hosting. By leveraging corporate shell companies, controlling Autonomous Systems (ASNs), and rapidly rebranding, TAEs like Virtualine Technologies and Stark Industries evade sanctions and takedowns to sustain ransomware, botnet, and state-sponsored campaigns.
The Silver Fox threat group is conducting a phishing campaign targeting organizations in Russia and India with tax-themed lures. The attack chain utilizes a modified RustSL loader featuring geofencing and Phantom Persistence to deploy ValleyRAT. ValleyRAT subsequently downloads a novel Python-based backdoor called ABCDoor, which masquerades as a Tailscale VPN client and provides remote control and screen broadcasting capabilities.
Recorded Future analyzes the cyber and geopolitical risks associated with the US strategic pivot toward the Western Hemisphere. The shift, characterized by increased military intervention against transnational criminal organizations, presents three potential scenarios that elevate risks of state-sponsored espionage, industrialized cybercrime, and the proliferation of commercial spyware and surveillance infrastructure.
The Bitwarden CLI npm package was compromised in a supply chain attack linked to the ongoing Checkmarx campaign. The malicious payload, injected via GitHub Actions, harvests extensive cloud and developer credentials, exfiltrating them through unauthorized GitHub repositories and a dedicated C2 server while employing a Russian locale kill switch and shell profile persistence.
Threat actors are actively deploying Nightmare-Eclipse proof-of-concept tools, including BlueHammer, RedSun, and UnDefend, in real-world intrusions to exploit Windows Defender race conditions for privilege escalation. The attacks, likely originating from compromised FortiGate VPN access, culminate in the deployment of BeigeBurrow, a Go-based reverse tunnel agent used for persistent command and control.
The CEO of the UK's National Cyber Security Centre (NCSC) warns of a 'perfect storm' in cyber security fueled by AI advancements and geopolitical conflicts. The majority of significant incidents are now driven by nation-states, requiring a fundamental cultural shift across all organizations to prioritize cyber resilience and adapt to AI-accelerated vulnerability exploitation.
Threat actors are leveraging social media platforms, SEO poisoning, and AI agent responses to distribute ClickFix-style attacks disguised as tech tips. Victims are socially engineered into executing malicious PowerShell commands that initiate a fileless infection chain, bypassing traditional security controls to deploy information stealers like Vidar on their endpoints.
A zero-day vulnerability in Adobe Reader is being actively exploited in targeted attacks against the Russian oil and gas sector. Threat actors are utilizing malicious PDF files embedded with obfuscated JavaScript to execute privileged APIs, enabling sensitive data theft and potential remote code execution.
The UK NCSC has issued an advisory warning that the Russian state-sponsored threat group APT28 is compromising vulnerable internet routers to conduct DNS hijacking. By altering DNS configurations, the attackers perform adversary-in-the-middle attacks to covertly reroute user traffic and harvest credentials and access tokens from personal web and email services.
Russian military intelligence actor Forest Blizzard is compromising vulnerable SOHO routers to alter DNS settings and hijack network traffic. This compromised infrastructure is subsequently used to conduct selective Adversary-in-the-Middle (AiTM) attacks, intercepting TLS connections to steal credentials and sensitive data from targeted organizations.
Russian state-sponsored threat actor APT28 is exploiting vulnerable SOHO routers to modify DHCP and DNS settings, redirecting user traffic to malicious infrastructure. This DNS hijacking facilitates Adversary-in-the-Middle (AitM) attacks designed to harvest credentials and OAuth tokens for web and email services.