https://www.secintel.net/posts/Recent content in Posts on Cyber Intel HubHugoen-usTue, 07 Apr 2026 23:55:20 +0000https://www.secintel.net/posts/2026-04-07/Tue, 07 Apr 2026 23:55:20 +0000https://www.secintel.net/posts/2026-04-07/<p><strong>Daily Cyber Intelligence Brief</strong> <strong>Date:</strong> April 6, 2026 <strong>Report Prepared by:</strong> Senior Cyber Security Researcher</p> <h3 id="1-main-headline-russian-state-actors-weaponize-18000-soho-routers-to-exfiltrate-microsoft-office-tokens">1. Main Headline: Russian State Actors Weaponize 18,000+ SOHO Routers to Exfiltrate Microsoft Office Tokens</h3> <hr> <h3 id="2-the-big-story-apt28s-global-dns-hijacking-campaign">2. The Big Story: APT28’s Global DNS Hijacking Campaign</h3> <p>The Russia-linked threat actor APT28 (also known as Forest Blizzard) has launched a massive exploitation campaign targeting insecure Small Office/Home Office (SOHO) routers, specifically MikroTik and TP-Link devices. By exploiting known vulnerabilities and poor credential hygiene in these edge devices, the group has compromised over 18,000 networks to create a sprawling, resilient infrastructure for cyber espionage.</p>