U.S. prosecutors revealed that a ransomware gang accessed Russian government databases, enabling its leaders to evade taxes and military service while fueling corruption within the Russian state.
The Department of Justice disclosed that the cybercriminal organization gained unauthorized access to sensitive Russian government systems. The breach provided multiple advantages to the gang's leadership: members exploited the stolen data to avoid paying taxes and escape mandatory military conscription.
The case highlights how ransomware operations can serve dual purposes beyond traditional extortion schemes. By infiltrating government networks, the gang simultaneously weakened Russian state institutions while securing personal benefits for its operators.
The DOJ's statement underscores growing concerns about ransomware gangs operating within geopolitical gray zones. While many such groups target Western organizations, this case demonstrates how some maintain connections to or operate within jurisdictions with weak enforcement, allowing them to operate with minimal consequence.
The disclosure adds to mounting pressure on Russia to address cybercriminal sanctuaries within its borders, though such efforts have historically faced significant obstacles due to alleged state protection of hacking operations.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.