Recent

Russian Cyberattacks Shift to Intelligence Gathering for Missile Strike Guidance on Ukraine Power Grid

Russian cyberattacks targeting Ukraine’s energy infrastructure have shifted focus from immediate disruption to intelligence gathering for guiding missile strikes, Ukrainian cybersecurity officials revealed at the Kyiv International Cyber Resilience Forum. Strategic Shift in Attack Methodology Oleksandr Potii, head of Ukraine’s State Service of Special Communications and Information Protection, confirmed that attackers are now prioritizing reconnaissance…


Hackers Weaponize Claude Code AI to Steal 150GB from Mexican Government in Month-Long Campaign

In a disturbing escalation of AI-enabled cyber operations, hackers have weaponized Anthropic’s Claude Code AI assistant to develop exploits, create custom attack tools, and systematically exfiltrate more than 150GB of data from Mexican government systems, according to Israeli cybersecurity firm Gambit Security. Attack Scope and Impact The threat actors compromised 10 Mexican government agencies and…


Google Disrupts UNC2814 GRIDTIDE Campaign: Chinese APT Breaches 53 Organizations Across 42 Countries

Google has disclosed details of a massive disruption operation against UNC2814, a suspected China-nexus cyber espionage group that breached at least 53 organizations across 42 countries. The campaign, tracked as GRIDTIDE, represents one of the most far-reaching espionage operations uncovered in recent years. The Scope of the Intrusion According to Google Threat Intelligence Group (GTIG)…


OpenAI Confirms ChatGPT Exploited by Chinese and Russian Threat Actors for Cyberattacks

OpenAI has confirmed that Chinese and Russian state-affiliated threat actors have been exploiting ChatGPT to support malicious cyber and influence operations, marking one of the first documented cases of adversaries weaponizing generative AI for tactical offensive cyber activities. Chinese APT Groups Leverage ChatGPT for Cyber Operations According to OpenAI’s investigation, Chinese threat actors associated with…


Operation Roar of the Lion: Israel Executes Largest Cyberattack in History Against Iran

In an unprecedented display of cyber warfare capability, Israel has executed what is being described as the largest cyberattack in history, plunging Iran into near-total digital darkness during a coordinated military operation on Saturday, February 28, 2026. Near-Total Internet Blackout Confirmed Independent internet monitor NetBlocks confirmed that Iran’s national connectivity dropped to just 4% of…


Steaelite RAT Bundles Ransomware and Data Theft in Single Web Panel for Double Extortion Attacks

A dangerous new remote access trojan called Steaelite RAT has emerged on cybercrime forums, offering attackers a unified platform for executing double extortion attacks with unprecedented efficiency. Unlike traditional attack chains that require separate tools for data theft and ransomware deployment, Steaelite consolidates the entire operation into a single browser-based dashboard. Automated Credential Theft on…


APT37 Ruby Jumper Campaign: North Korean Hackers Deploy Malware Arsenal to Bridge Air-Gapped Networks

Zscaler ThreatLabz has uncovered a sophisticated campaign by North Korean threat group APT37, introducing five new malware tools designed specifically to infiltrate and exfiltrate data from air-gapped systems through weaponized USB drives. Campaign Overview In December 2025, security researchers at Zscaler discovered the Ruby Jumper campaign, orchestrated by APT37 (also known as ScarCruft, Ruby Sleet,…


UAC-0050 Targets European Financial Institution in Strategic Phishing Campaign

Russia-aligned threat actor UAC-0050 has expanded operations beyond Ukraine, targeting a European financial institution involved in reconstruction efforts with a sophisticated multi-stage spear-phishing attack. Campaign Overview Security researchers at BlueVoyant have uncovered a targeted phishing campaign attributed to UAC-0050, also known as the DaVinci Group. The threat cluster, tracked by BlueVoyant as “Mercenary Akula,” has…


Chinese APT Campaign Delivers PlugX RAT via G DATA Antivirus DLL Side-Loading

A sophisticated Chinese-aligned threat campaign has been observed delivering the PlugX Remote Access Trojan (RAT) through a clever abuse of legitimate G DATA antivirus components, according to new research from LAB52. The Attack Chain The infection begins with a spear-phishing email titled “Meeting Invitation” containing two links — one redirecting to Iceland’s Ministry of Foreign…


APT37 Deploys Ruby Jumper Campaign to Breach Air-Gapped Networks

North Korean threat actor APT37 (Reaper) has expanded its arsenal with sophisticated new malware designed to compromise air-gapped networks — systems physically isolated from the internet that organizations use to protect their most sensitive data. Researchers at Zscaler ThreatLabz have uncovered the “Ruby Jumper” campaign, which employs a complex infection chain featuring multiple novel malware…
