Russian APT28 Hackers Exploit Zimbra Flaw to Target Ukrainian Government

Russian state-backed threat group APT28, linked to the GRU (Russia’s military intelligence service), is exploiting a vulnerability in Zimbra Collaboration Suite (ZCS) to target Ukrainian government entities. The attacks specifically focus on compromising systems within Ukraine’s government infrastructure. No specific CVE ID, technical details of the flaw, or exact timeline of the attacks were provided in the report. The activity is attributed to APT28, a group known for cyber espionage and disruptive operations aligned with Russian military objectives. The impact involves unauthorized access to government systems, though the full scope of the compromise remains undisclosed.