Researchers have disrupted an operation attributed to Russian state-sponsored threat group Midnight Blizzard, who sought access to Microsoft 365 accounts and data.

AWS disrupted a Russian watering hole campaign targeting Microsoft users via compromised websites redirecting users to malicious infrastructure.

Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.

Amazon disrupted APT29’s June 2025 campaign exploiting Microsoft device code authentication, redirecting 10% of visitors to ...

APT29, also known as Cozy Bear and Midnght Blizzard, is probably best known for the 2020 SolarWinds hack, and has been widely linked to Russia's Foreign Intelligence Service (SVR) by the US, UK, and ...

The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon ...