New Russian state-sponsored APT quickly gains global reach, hitting expansive targets | CyberScoop<\/title> <meta name=\"description\" content=\"Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands\u2019 national police force in September 2024, Microsoft researchers said.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/laundry-bear-void-blizzard-russia-apt\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"New Russian state-sponsored APT quickly gains global reach, hitting expansive targets\"> <meta property=\"og:description\" content=\"Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands\u2019 national police force in September 2024, Microsoft researchers said.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/laundry-bear-void-blizzard-russia-apt\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-05-27T19:57:30+00:00\"> <meta property=\"article:modified_time\" content=\"2025-05-27T19:57:34+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1249\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1747771875g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1748220166g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84669\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84669\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flaundry-bear-void-blizzard-russia-apt%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flaundry-bear-void-blizzard-russia-apt%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-84669 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/laundry-bear-void-blizzard-russia-apt\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"27.803879310345\">\n<div class=\"single-article__header-content\" readability=\"38.603696098563\">\n<p> Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands\u2019 national police force in September 2024, Microsoft researchers said. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/84669\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"416\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets.jpg?resize=640%2C416&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=300,195 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=768,500 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=1024,666 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=1536,999 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=600,390 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=258,168 258w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=518,337 518w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=1038,675 1038w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-2.jpg?resize=1296,843 1296w\" sizes=\"(max-width: 1038px) 100vw, 1038px\"><figcaption> A man talks on the phone walking along Red Square in front of St. Basil’s Cathedral in central Moscow on February 28, 2023. (Photo by Alexander NEMENOV \/ AFP) (Photo by ALEXANDER NEMENOV\/AFP via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"44.596429383671\"><body readability=\"90.466649694501\"><\/p>\n<p>A newly discovered Russian state-sponsored threat group has targeted a large swath of industries, especially in NATO member states and Ukraine, part of a global espionage campaign in support of Moscow\u2019s interests, Microsoft Threat Intelligence said in a Tuesday blog post. <\/p>\n<p>Laundry Bear, a group Microsoft tracks as Void Blizzard, has attacked multiple governments and critical infrastructure providers since at least 2024. Dutch intelligence and security services agencies on Tuesday said the group <a href=\"https:\/\/www.aivd.nl\/actueel\/nieuws\/2025\/05\/27\/onbekende-russische-groep-achter-hacks-nederlandse-doelen\">infiltrated the Netherlands\u2019 national police force\u2019s systems<\/a> in September 2024 and stole work-related contact details on police staff.<\/p>\n<p>\u201cWe have seen this hacker group successfully gain access to sensitive information from a large number of government organizations and companies worldwide,\u201d Peter Reesink, director of the Netherlands\u2019 Ministry of Defense, said in a statement Tuesday, according to a translation. \u201cLaundry Bear is looking for information about the purchase and production of military equipment by Western governments and Western deliveries of weapons to Ukraine.\u201d<\/p>\n<p>The group\u2019s initial access methods lack sophistication, yet the group has gained access to and stolen data from multiple organizations in critical sectors. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWhile Void Blizzard\u2019s tactics, techniques, and procedures are not unique among advanced persistent threat actors or even Russian nation state-sponsored groups, the widespread success of their operations underscores the enduring threat from even unsophisticated TTPs when leveraged by determined actors seeking to collect sensitive information,\u201d Microsoft threat researchers <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/05\/27\/new-russia-affiliated-actor-void-blizzard-targets-critical-sectors-for-espionage\/\">said in the blog post<\/a>.<\/p>\n<p>Void Blizzard has engaged in espionage targeting government agencies, defense suppliers, and organizations in communications, IT, health care, education, media and transportation since mid-2024, according to Microsoft.<\/p>\n<p>\u201cThe threat actor uses stolen credentials \u2014 which are likely procured from commodity infostealer ecosystems \u2014 and collects a high volume of email and files from compromised organizations,\u201d Microsoft threat researchers said. The group likely obtains cookies and other credentials from criminal ecosystems for password spray attacks, Microsoft added.<\/p>\n<p>Void Blizzard uses these credentials to gain initial access to Exchange and SharePoint Online for intelligence gathering. The group then abuses legitimate cloud APIs to sift through mailboxes and cloud-hosted files prior to automating bulk theft of cloud-hosted data, Microsoft said.<\/p>\n<p>In some cases, the group has accessed Microsoft Teams conversations and messages, and cataloged Microsoft Entra ID configurations to gain information about users, roles, groups, applications and devices belonging to that account. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Microsoft Threat Intelligence in April identified a Void Blizzard adversary-in-the-middle spear-phishing campaign that targeted more than 20 non-governmental agencies in Europe and the United States. In those attacks, the threat group used a typosquatted domain to spoof Microsoft Entra authentication. <\/p>\n<p>\u201cThis new tactic suggests that Void Blizzard is augmenting their opportunistic but focused access operations with a more targeted approach, increasing the risk for organizations in critical sectors,\u201d Microsoft said.<\/p>\n<p>Microsoft declined to answer questions about how many attacks have been attributed to Void Blizzard to date and how much the group\u2019s threat activity levels have increased in the past year.<\/p>\n<p>Laundry Bear has targeted \u201cvirtually all countries\u201d in the European Union and NATO, Dutch intelligence and security agencies said in a <a href=\"https:\/\/www.aivd.nl\/documenten\/publicaties\/2025\/05\/27\/aivd-en-mivd-onderkennen-nieuwe-russische-cyberactor\">cybersecurity advisory<\/a>, adding that the group has also attacked organizations in Eastern and Central Asia. <\/p>\n<p>Dutch officials said Laundry Bear operates at a high pace and described the group as \u201cvery successful,\u201d compared to some other Russian state-sponsored threat groups.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.7980769230769\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/laundry-bear-void-blizzard-russia-apt\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New Russian state-sponsored APT quickly gains global reach, hitting expansive<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[436,282,78,117,625,467,256,270,49,288],"tags":[245,286,86,119,630,471,262,276,57,294],"class_list":["post-7682","post","type-post","status-publish","format-standard","hentry","category-apt","category-cybercrime","category-cybersecurity","category-government","category-microsoft","category-microsoft-threat-intelligence-center","category-research","category-russia","category-threat-intelligence","category-threats","tag-apt","tag-cybercrime","tag-cybersecurity","tag-government","tag-microsoft","tag-microsoft-threat-intelligence-center","tag-research","tag-russia","tag-threat-intelligence","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/apt\/\" rel=\"category tag\">apt<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft\/\" rel=\"category tag\">Microsoft<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft-threat-intelligence-center\/\" rel=\"category tag\">Microsoft Threat Intelligence Center<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/russia\/\" rel=\"category tag\">Russia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threat-intelligence\/\" rel=\"category tag\">Threat Intelligence<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7682"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7682\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7682,"date":"2025-05-27T14:57:30","date_gmt":"2025-05-27T19:57:30","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84669"},"modified":"2025-05-27T14:57:30","modified_gmt":"2025-05-27T19:57:30","slug":"new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/05\/27\/new-russian-state-sponsored-apt-quickly-gains-global-reach-hitting-expansive-targets\/","title":{"rendered":"New Russian state-sponsored APT quickly gains global reach, hitting expansive targets"},"content":{"rendered":"