DEV Community

Mark0

The Good, the Bad and the Ugly in Cybersecurity – Week 15

The U.S. Department of Justice conducted Operation Masquerade to dismantle a DNS hijacking network operated by Russia's APT28, which compromised thousands of TP-Link routers across the United States. By exploiting known vulnerabilities, the threat actors redirected DNS traffic to GRU-controlled resolvers to intercept sensitive credentials and intelligence. The FBI successfully deployed commands to restore legitimate configurations and block further unauthorized access while working with ISPs to notify affected users.

Simultaneously, researchers identified a new macOS threat involving a ClickFix variant that uses AppleScript URL schemes to deliver AMOS/Atomic Stealer malware, bypassing Apple's latest security mitigations. Meanwhile, Iranian-affiliated hackers have intensified their focus on U.S. critical infrastructure, targeting internet-exposed programmable logic controllers (PLCs) from Rockwell Automation. These attacks have led to operational disruptions in the energy, water, and wastewater sectors by manipulating display data and extracting configuration files.

