What is Forest Blizzard APT28?

Russia's state-sponsored group, tied to GRU, behind DNC hacks and SolarWinds supply chain hits. Now alias for Fancy Bear.

How to secure SOHO routers from DNS attacks?

Update firmware, kill remote management, use custom DNS like 1.1.1.1, monitor traffic anomalies.

🌐 Nation-State Threats

Russia's Forest Blizzard just turned everyday routers into login goldmines. No malware needed—just a sly DNS flip.

Threat Digest Apr 11, 2026 4 min read

Forest Blizzard exploits SOHO router DNS settings for malware-free credential theft. 𝕏
Vulnerable devices span governments, finance; patching lags at 70% of SMBs. 𝕏
Shift to infrastructure attacks predicts copycats and rising edge-device breaches. 𝕏

Published by

Threat intelligence. Zero noise.

#APT28 #DNS hijacking #Forest Blizzard #SOHO Routers

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Dark Reading