ALL POSTS

Key Findings DarkSword is a sophisticated iOS exploit kit targeting devices running iOS 18.4-18.7 Developed by UNC6353, likely a Russia-linked group Exploits six vulnerabilities, including three zero-days Enables full device compromise with minimal user interaction Targets sensitive data, including credentials and crypto wallet information Operates in a "hit-and-run" approach, exfiltrating data quickly and then cleaning traces Background DarkSword emerged in late 2025 as a po

Key Findings * Russia-linked APT group targets Ukrainian organizations using DRILLAPP backdoor * Utilizes Microsoft Edge debugging to evade detection * Two campaign variants observed in February 2026 * Capability to access file systems, microphone, camera, and screen recordings * Linked to Laundry Bear (UAC-0190/Void Blizzard) APT group Background The DRILLAPP backdoor campaign represents a sophisticated cyber espionage effort targeting Ukrainian entities. Attributed to a Rus