Find notable cyber news and cases, enriched with sources, timelines, and signals.

Russian-speaking threat actor campaign expands across multiple victims

Campaign
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

A Russian-speaking threat actor ran an AI-augmented campaign against FortiGate security appliances, using multiple commercial AI services to scale compromise attempts across a wide global target set. The operation mattered because it reached more than 600 appliances in at least 55 countries over five weeks, showing how commercial AI can amplify offensive tradecraft.

Related Happenings

Russian-speaking FortiGate and Microsoft SQL Server bruteforce campaign

Campaign
H score82 First: 17.06.2026 18:12 Last: 17.06.2026 18:12 Sources 1

About this happening: A Russian-speaking multi-operator threat group ran a **FortiGate** and **Microsoft SQL Server** bruteforce campaign that generated **billions of credential attempts**, raising the...

Sentry agentjacking analysis shows malicious error events can trigger AI coding agents

Technical Analysis
H score38 First: 11.06.2026 12:15 Last: 11.06.2026 12:15 Sources 1

About this happening: Researchers described **Agentjacking** as a new attack against **AI coding agents** that abuses **Sentry DSNs** and **MCP** to inject fake error data, causing agents like **Claude...

Shadow-Aether-040 AI-augmented campaign against Mexican government entities

Campaign
H score41 First: 13.05.2026 16:00 Last: 13.05.2026 16:00 Sources 1

About this happening: The **Shadow-Aether-040** campaign used **AI agents** and custom tooling to compromise **six government entities in Mexico**, increasing the risk of follow-on intrusion and **data...

Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign

Campaign
H score30 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...

China-nexus agentic tools attack campaign targeting Japanese technology and East Asian cybersecurity organizations

Campaign
H score31 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: A **China-nexus actor** used **agentic tools** in a targeted attack against a **Japanese technology firm** and an **East Asian cybersecurity platform**, showing how AI-driven orch...

Timeline

  1. 09.03.2026 01:35 2 articles · 4mo ago

    Russian-speaking threat actor campaign expands across multiple victims

    Initial Disclosure

    In **February**, the actor began using **commercial AI services** to plan and carry out compromise attempts against **FortiGate security appliances**. The first phase concentrated on finding **exposed management ports** and **weak credentials**, setting up a campaign that would spread across **55 countries**.

    Show sources