ALL POSTS

Key Findings The Russian nation-state hacking group known as Sandworm attempted a significant cyber attack targeting Poland's power sector in late December 2025. The attack involved the deployment of a previously undocumented wiper malware called DynoWiper. The attack was ultimately unsuccessful, with no evidence of successful disruption to Poland's energy infrastructure. This activity occurred on the 10th anniversary of Sandworm's 2015 attack against the Ukrainian power grid

Key Findings Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. The activity has been attributed with high confidence to Russia's Main Intelligence Directorate (GRU), citing infrastructure overlaps with APT44, also known as FROZENBARENTS, Sandworm, Seashell Blizzard, and Voodoo Bear. The campaign targeted energy sector organizations across Western natio