Russian Hackers Step Up Attacks on Signal Messenger
Research by Google Cloud Threat Intelligence indicates that Russian hacker groups are increasingly attempting to compromise Signal user accounts. Signal is known for its end-to-end encryption, and journalists, civic activists, and human rights defenders often become prime targets. The attackers' goal is believed to be espionage and the interception of private communications.
According to the report, the hackers use phishing campaigns and exploit vulnerabilities that allow them to bypass Signal’s security mechanisms. Google Cloud experts warn that successful breaches could undermine trust in secure communication channels and lead to massive data leaks in politically sensitive areas.
TikTok and X Boost Far-Right AfD Ahead of Germany’s Elections
Research by Global Witness revealed that the recommendation algorithms of TikTok and X (formerly Twitter) favor content supporting the far-right Alternative for Germany (AfD). Of all the political content shown to new TikTok users, 78% was related to AfD, while on X this figure reached 64%. For comparison, the party’s support among voters is only around 20%.
Researchers also noted that users who did not display a clear political stance encountered right-wing content nearly twice as often as left-wing content. This could influence public sentiment ahead of parliamentary elections and raises concerns about the transparency of algorithmic recommendations.
Italy Under Russia’s Cyber Crosshairs
Italy is increasingly becoming a target of Russian cyberattacks with ideological motives, according to Decode39. Attackers aim to influence the political climate by spreading disinformation and stoking social conflicts through system breaches and the distribution of fake news.
The Italian government, known for its consistently pro-Ukrainian stance, is stepping up cybersecurity measures, including improving monitoring and incident response capabilities in the digital sphere.
The US Introduces New Cyber Sanctions Together with Allies
The US Department of the Treasury has announced the launch of SB0018, an initiative aimed at increasing pressure on hacker groups and individual cybercriminals who threaten financial and national security. The new measures include freezing assets and expanding international cooperation with allies—Australia, Canada, the EU, New Zealand, and the United Kingdom.
According to the department, joint sanction mechanisms will make it easier to detect and neutralize cyberthreats. It is expected that this initiative will help combat money laundering and reduce the number of attacks on financial institutions.
Sean Cairncross May Become the Next US Cyber Director
According to Politico, the US administration is considering Sean Cairncross as a candidate for Cyber Director. Cairncross has experience in shaping government cybersecurity strategies and modernizing digital infrastructure. If confirmed, he may push for stronger collaboration with the private sector and allied nations.
Among the top priorities for the new Cyber Director will be the development of comprehensive measures to counter state-sponsored hackers and coordinate efforts between law enforcement, intelligence agencies, and US tech companies.
Hackers Hunt Freelance Developers
An ESET investigation has recorded a series of cyberattacks linked to North Korea, in which hackers pose as recruiters offering fake job openings. They send “test tasks” hosted on GitHub or similar platforms. Freelancers looking for work download and run these projects, unaware that they are also receiving malicious software.
The operation, which ESET dubbed DeceptiveDevelopment (“misleading development”), involves attackers creating what seems like a legitimate project that needs a new feature or bug fix. Hidden in these files is an infostealer—a program that harvests data from the victim’s computer. When the victim completes the “assignment” and runs the project, the malicious code installs itself on the system, granting hackers access to valuable information and enabling further malware propagation.
Such attacks can cause serious damage to both developers and their clients, as hackers gain access to programs and the ability to steal intellectual property.