Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers

Thursday, April 9, 2026 at 01:00 AM UTC·Source: Dark Reading

Updated: Thursday, April 9, 2026 at 01:02 AM UTC

Executive Summary

Heard of fileless malware? How about malwareless cyber espionage? Russia's APT28 is spying on global organizations by modifying just one DNS setting in vulnerable routers.

Analysis

Heard of fileless malware? How about malwareless cyber espionage? Russia's APT28 is spying on global organizations by modifying just one DNS setting in vulnerable routers.

Source Attribution

Originally published by Dark Reading on Apr 9, 2026.

Related Threats

MEDIUMApt

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On the post-exploitation side, Windows saw three new persistence techniques added as modules, targeting Tele

CVE-2026-28501CVE-2026-28517

Apr 17, 2026Rapid7

CRITICALApt

ISMG Editors: Adapting to the Looming Mythos AI Onslaught

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/ismg-editors-adapting-to-looming-mythos-ai-onslaught-image_small-2-a-31453.jpg" align=right hspace=4><b>Also: NY State Regs Test Resilience vs Compliance, OT Security Nears Breaking Point</b><br>In this week's panel, four ISMG editors explore the industry's response to Anthropic's Mythos AI breakthrough, whether tighter New York s

Apr 17, 2026Bank Info Security

LOWApt

Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies

The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox.

Apr 17, 2026The Record