> TritonInfoSec News

Home / Jun 30, 2026 / Story

#8 The Hacker News general June 29, 2026 at 11:40 UTC

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

By [email protected] (The Hacker News)

AI Summary

Russian APT group Gamaredon conducted 35 distinct spear-phishing campaigns against Ukrainian targets throughout 2025, primarily in the second half of the year, according to ESET research. The group has expanded its malware arsenal and is abusing legitimate cloud services as part of its ongoing cyber operations against Ukraine. The breadth and persistence of these campaigns — averaging roughly three per month — illustrates Gamaredon's role as one of Russia's most operationally active threat actors targeting Ukrainian government and military entities.

Read full article → https://thehackernews.com/2026/06/gamaredon-expand…

Relevance score: 80.0/100

Sponsored

Protect Your Business

Expert cybersecurity solutions to safeguard your organization from evolving threats.

Get Protected →

# More from June 30

1
U.S. offers $10 million for hackers targeting WhatsApp, Signal users BleepingComputer
2
Critical SimpleHelp flaw exploited to deploy new stealer malware BleepingComputer
3
Hackers now exploit critical Oracle E-Business flaw in attacks BleepingComputer
4
Nissan discloses employee data breach linked to Oracle zero-day attacks BleepingComputer
5
Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts The Hacker News
6
Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw The Hacker News
7
Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks The Hacker News
9
236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers The Hacker News
10
Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer The Hacker News