Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025.
The large-scale exploitation campaign has been codenamed

Source

What's Hot

Commercial AI Models Show Rapid Gains in Vulnerability Research

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Microsoft Fixes Two Zero-Days in April Patch Tuesday

Commercial AI Models Show Rapid Gains in Vulnerability Research

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Microsoft Fixes Two Zero-Days in April Patch Tuesday

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

A quick guide to recovering a hacked account

What is it, and how do I get it off my device?

Beware of Winter Olympics scams and other cyberthreats

Subscribe to Updates

What's Hot

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

Related Posts

Subscribe to Updates