LOWApt
Global

Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies

·Source: The Record

Updated:

Executive Summary

The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox.

Analysis

The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox.
Source Attribution

Originally published by The Record on Apr 17, 2026.

Related Threats

MEDIUMApt

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On the post-exploitation side, Windows saw three new persistence techniques added as modules, targeting Tele

CVE-2026-28501CVE-2026-28517
Rapid7
CRITICALApt

ISMG Editors: Adapting to the Looming Mythos AI Onslaught

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/ismg-editors-adapting-to-looming-mythos-ai-onslaught-image_small-2-a-31453.jpg" align=right hspace=4><b>Also: NY State Regs Test Resilience vs Compliance, OT Security Nears Breaking Point</b><br>In this week's panel, four ISMG editors explore the industry's response to Anthropic's Mythos AI breakthrough, whether tighter New York s

Bank Info Security
MEDIUMApt

US nationals sentenced for aiding North Korea’s tech worker scheme

Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies. The post US nationals sentenced for aiding North Korea’s tech worker scheme appeared first on CyberScoop .

CyberScoop