APT28 Targeted European Entities Using Webhook-Based Macro Malware

February 23, 2026

The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe.
The activity, per S2 Grupo’s LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed Operation MacroMaze. “The campaign relies on basic tooling and the exploitation of legitimate services

Categories

Blog

Share

Leave a Reply Cancel reply

Recent Post

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

25 February 2026

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

25 February 2026

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

25 February 2026

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

24 February 2026

Like The article?

We have a lot more just for you! Lets join us now

Related post

Continue reading

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

No Comments

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

No Comments

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

No Comments

Have your assets been compromised by fraud or theft?

Speak to a Expert Now!