DVIUS Intelligence Summary: Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign - Analysis from Thehackernews.
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has
been linked to a new campaign that has compromised insecure MikroTik and TP-Link
routers and modified their settings to turn them into malicious infrastructure
under their control as part of a cyber espionage campaign since at least
May 2025.
The large-scale exploitation campaign has been codenamed
DVIUS AI Assessment: This incident highlights the ongoing evolution of cyber threats. Organizations should prioritize patch management, employee awareness training, and multi-factor authentication to mitigate similar risks. For full details, refer to the original source.