politico.eu – POLITICO
March 25, 2026 1:48 am CET
By Zoya Sheftalovich
“Our internal reviews have found no evidence that any devices, networks or systems have been compromised,” POLITICO says in email to staff.
BRUSSELS ― POLITICO launched a security review after a private telephone conversation between one of its reporters and an EU official about issues connected to Hungary and Ukraine was apparently intercepted and the recording published online.
The nine-minute audio clip, from a call that took place on March 3, was uploaded to YouTube on March 16. It has been listened to 5,100 times, according to YouTube data.
“Our internal reviews have found no evidence that any devices, networks or systems have been compromised,” Kate Day, POLITICO’s senior executive editor in Europe, and Carrie Budoff Brown, POLITICO’s executive editor and executive vice president, said in an email to employees on Wednesday.
“We will not be intimidated by an apparent attempt to interfere with independent reporting — nor deterred from the important work we do,” they wrote. “We have always been and will remain vigilant in protecting our sources, supporting the work of our journalists, and maintaining the accuracy of our independent, nonpartisan reporting.”
The issue comes at a time when leaks of confidential EU information are in the spotlight ahead of the Hungarian general election on April 12. In a report on Saturday, the Washington Post said that Viktor Orbán’s government maintained close contacts with Moscow throughout the war in Ukraine, and Hungarian Foreign Minister Péter Szijjártó used breaks during meetings with other member countries to update his Russian counterpart.
A spokesperson for the EU institution where the official works declined to comment on “tapes produced by unknown and anonymous actors.” POLITICO is not identifying the EU official because the call wasn’t on the record.
POLITICO has not been able to determine how the recording may have been obtained and who was responsible for posting it to YouTube.
‘Chilling message’
Several Slovak and Hungarian news websites wrote articles about the recording and published partial transcripts.
“Hacking and the disclosure of journalists’ materials strike at the heart of press freedom and the protections we must be able to rely on as reporters,” said President of the International Press Association in Brussels Dafydd ab Iago. “This is illegal under Belgian law, and it sends a chilling message not only to journalists in Brussels but also to our sources here … The harder question is how to pursue those state actors, whether operating from within the EU or from a third country like Russia.”
On Monday, the Orbán-aligned Hungarian newspaper Mandiner — one of the first outlets that wrote about the conversation — published a separate exchange between independent Hungarian journalist Szabolcs Panyi and a contact. The material was received via a “mysterious email” from an individual identifying himself as “the fourth branch of power,” according to the article’s author.
“We have important stories to tell and work to do and remain focused on maintaining the rigor, independence and purpose that our audience expects from us,” Day and Budoff Brown said in their email.
| CyberScoop cyberscoop.com
By
Tim Starks
March 20, 2026
It echoes earlier alerts from the Netherlands and Germany, and is the latest to warn about targeting of Signal users and others.
Russian intelligence-affiliated hackers have gained access to thousands of users’ messaging apps with a global phishing campaign, the FBI and the Cybersecurity and Infrastructure Security Agency warned in a public service announcement on Friday.
The high-value targets they’re pursuing include current and former U.S. government officials, political figures, military personnel and journalists, the two agencies said in the joint PSA about the hackers’ attempts to infiltrate commercial messaging applications (CMAs).
The U.S. alert comes on the heels of an earlier warning from Dutch authorities, who said last week that Russian hackers were “engaged in a large-scale global attempt” to take over WhatsApp and Signal accounts. The Dutch warning likewise followed a similar warning from Germany in February.
The U.S. agencies emphasized that the hackers had not been able to bypass end-to-end encryption, instead manipulating users into giving up access. The scheme involves hackers posing as Signal help personnel, then inviting them to click a link or provide verification codes or account personal identification number.
“After compromising an account, malicious actors can view the victims’ messages and contact lists, send messages, and conduct additional phishing against other CMA accounts,” the PSA explains. “(Note: reporting shows that the threat actors specifically target Signal accounts but can apply similar methods against other CMAs).”
However, “CMA users who strengthen their personal cybersecurity and defend against social engineering attempts can reduce the risk of account compromise and limit the effectiveness of the threat actors’ current tactics, techniques, and procedures,” the agencies said.
The Russian campaign is just the latest to seek to bypass the protections commercial messaging apps offer. CISA in November warned about spyware targeting of messaging apps.
There sometimes has been a Russian intelligence nexus to the recent targeting. Google Threat Intelligence Group shined a spotlight last year on Russian attempts to target Signal users in Ukraine.
‘We anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war,” the company said.
Kyiv • UNN - unn.ua | УНН
December 6 2025
On December 6, the HUR MOD Cyber Corps and BO Team attacked the Russian logistics company "Eltrans+". Over 700 computers and servers were deactivated, 165 terabytes of data were destroyed, and network equipment was disabled.
The GUR Cyber Corps attacked Russia's leading logistics company on the night of December 6 - more than 700 computers and servers were deactivated, 165 terabytes of critical data were destroyed or encrypted, UNN reports with reference to sources.
On the night of December 6, specialists from the Main Intelligence Directorate of the Ministry of Defense, together with the BO Team, launched a cyberattack on the information and communication infrastructure of the Eltrans + group of companies. As a result of the attack, more than 700 computers and servers were deactivated, more than a thousand company users were deleted, and 165 terabytes of critical data were destroyed or encrypted.
ccording to the UNN interlocutor, in addition, the access control system, video surveillance data storage and backup system were affected, network equipment along with the core of the data center was deactivated and disabled, declarations for all cargo were destroyed, and all company websites were "defaced", which now greet Russian users with the Day of the Armed Forces of Ukraine.
Let's add
"Eltrans+" is among the top 10 largest customs representatives and freight forwarders in Russia. More than 5,000 Russian small, medium and large businesses use the services of "Eltrans+".
The company carries out international and domestic transportation (road, sea, air, multimodal), warehouse storage, transportation of consolidated cargo, as well as full customs clearance of goods.
"Eltrans+" is engaged in the delivery of sanctioned goods, as well as various electronic components from China, which are used by the Russian military-industrial complex, the UNN interlocutor reported.
newsukraine.rbc.ua - Cyber specialists from Ukraine's Defense Intelligence (HUR) have carried out a large-scale special operation targeting the occupation authorities in Crimea.
According to a Ukrainian intelligence source speaking to RBC-Ukraine, the operation lasted several days.
A powerful DDoS attack effectively paralyzed the information systems and network infrastructure in Crimea.
While the Russian occupiers were scrambling to identify the cause of the government systems' failure, HUR cyber experts infiltrated the electronic accounts of the leadership of the occupation administration in temporarily occupied Crimea. They gained access to the following digital resources:
A volunteer-run network of service centers halts custom firmware updates for DJI drones following a cyber attack.
Can a cyber operation have an impact on drone warfare? Recent developments in Russia offer an example of how this can happen in a not-so-obvious way.
On Friday, a volunteer group Russian Hackers for the Front (“Русские Хакеры – Фронту”, RH) known for building a customized firmware for DJI drones reported a cyber attack that affected its servers and end-point devices (terminals). While recovering from the attack, RH instructed hundreds of service centers to stop using its terminals until further notice, thus pausing a wide operation of weaponizing commercial drones.
Although details are scanty, this is a rare publicly reported cyber attack that affects drones warfare and might have militarily significant consequences.
In this post I will summarize what is known about the attack and provide additional information about the impact and who might be behind it.
The group, known as the Holy League, is said to be made up of around 90 hacktivist collectives united by opposition to Western liberal values
Ce rapport présente sous la forme d’une synthèse les principaux modes opératoires informationnels observés depuis trois ans, dont la majeure partie est apparue en corollaire de la guerre d’agression menée par la Russie en Ukraine.
Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.
The ZDI team offers an analysis of how CVE-2025-0411, a zero-day vulnerability in 7-Zip was actively exploited to target Ukrainian organizations through spear-phishing and homoglyph attacks.
How Russian propaganda challenges Switzerland's neutrality, using disinformation to sway public opinion in the Ukraine war.
Russian internet service provider Nodex confirmed on Tuesday that its network was
"All the Justice Ministry's data has been saved. Recovery is underway," Deputy PM and Justice Minister Olha Stefanishyna said.
Ukrainian hackers carried out a cyberattack that took down online broadcasts of Russian state television and radio channels on Monday, according to an official in Kyiv with knowledge of the operation.
#A #Dmitry #Emerging #Europe #Infrastructure #Markets #Media #Peskov #Putin #Radio #Russia #Ukraine #Vladimir #business #cybersecni #cybersecurity #politics #technology
Specialists with the Ukrainian Defense Ministry's Main Intelligence Directorate (HUR) carried out a cyberattack on the websites of Russian government agencies and Russian airports on "Russia Day," with a number of flights being delayed. — Ukrinform.
Russia, which hasn’t been invited to the summit, has repeatedly called it “meaningless and harmful.” Swiss officials did not provide more details about the reported cyberattacks.
FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. Learn more.
Hackers are utilizing code from a Python clone of Microsoft's venerable Minesweeper game to hide malicious scripts in attacks on European and US financial organizations.
Russian military intelligence, the G.R.U., is behind arson attacks aimed at undermining support for Ukraine’s war effort, security officials say.
Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.
