Sednit reloaded: Back in the trenches
The resurgence of one of Russia’s most notorious APT groups
APT28 (Fancy Bear)
Russian military intelligence (GRU) hacking group active since mid-2000s. Known for targeting NATO governments, military organizations, and political entities.
Also known as: apt28, fancy bear, sofacy, pawn storm, strontium, forest blizzard, iron twilight, sednit
AI Intelligence Brief
Entity Relationships
90-Day Activity
Last 90 Days (3)
Last 90 Days
All Time
January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day
January 2026 saw 23 actively exploited CVEs, including APT28’s Microsoft Office zero-day and critical auth bypass flaws impacting enterprise systems.
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says