Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
The state-sponsored group’s campaign has targeted government, higher education, financial, and legal entities, as well as think tanks. The post Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit appeared first on SecurityWeek.
A Russian state-sponsored hacking group tracked as Star Blizzard has adopted the DarkSword iOS exploit kit in an ongoing campaign, Proofpoint reports.
On Friday, investigation platform Malfors warned that a Russian threat actor has been using Atlantic Council lures in an email campaign delivering the DarkSword-linked GhostBlade malware.
Shortly after, Proofpoint attributed the campaign to Star Blizzard, an APT associated with the Russian intelligence service FSB and which is also tracked as Callisto, ColdRiver, SeaBorgium, and TA446.
Source: https://www.securityweek.com/russian-apt-star-blizzard-adopts-darksword-ios-exploit-kit/
Related breach coverage
- FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes2026-01-09
The North Korean state-sponsored espionage group Kimsuky has targeted government organizations, think tanks, and academic institutions. The post FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes appeared first on SecurityWeek.
- Apple Rolls Out DarkSword Exploit Protection to More Devices2026-04-02
The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors. The post Apple Rolls Out DarkSword Exploit Protection to More Devices appeared first on SecurityWeek.
- ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors2026-03-18
Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance. The post ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors appeared first on SecurityWeek.
- Reporters Without Borders Targeted by Russian Hackers2025-12-04
The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF). The post Reporters Without Borders Targeted by Russian Hackers appeared first on SecurityWeek.