TL;DR
Russian intelligence now steals Signal backup recovery keys via phishing, not just credentials [1,2]. Turla APT deploys StockStay malware targeting Ukrainian government and energy [17]. GitHub repositories are being weaponized to trick AI coding agents into executing invisible malware payloads [6].
Executive Summary
- Russian intelligence services have evolved their Signal phishing campaign to now coerce victims into surrendering their Signal Backup Recovery Keys, granting attackers persistent access to message history.
- Google threat intelligence researchers identified StockStay, a new malware family deployed by the Russian cyber-espionage group Turla, as part of ongoing operations against Ukraine.
- Agentic AI coding tools can be tricked into executing malware hidden within seemingly benign GitHub repositories, bypassing both security scanners and human review.
- Polymarket customers lost an estimated $3 million following injection of malicious scripts by threat actors who breached a third-party vendor.
- Threat actors are impersonating legitimate companies via fraudulent OpenAI organization invites to harvest sensitive information from cybersecurity firms.
Top Threats Today
1. Russian Intelligence Signal Backup Key Phishing Campaign
Severity: HIGH | Affected: Government
The FBI and CISA have updated their March warning about Russian intelligence services phishing Signal accounts, revealing that operators have escalated their tactics [2][3]. Targets are now being coerced into handing over their Signal Backup Recovery Key, which allows attackers to restore the account's backup and access historical messages [3]. The campaign targets government officials, military personnel, politicians, and activists in Ukraine, and the Security Service of Ukraine (SSU) has coordinated with the FBI on the investigation [1]. According to CISA, Russian Intelligence Services (RIS) continue targeting commercial messaging applications as part of this long-running operation.
Sources: [1] The Hacker News; [2] The Hacker News; [3] BleepingComputer
Recommended Action
- Advise all users with Signal accounts, especially those in government and defense sectors, to strengthen phishing awareness training and avoid clicking unsolicited support links.
- Enable multi-factor authentication on all messaging account recovery options and protect backup recovery keys with the same rigor as passwords.
- Monitor for fake support communications purporting to be from Signal, platform vendors, or tech support services.
2. Turla APT Deploys StockStay Malware Against Ukraine
Severity: HIGH | Affected: Government
Google threat intelligence researchers have identified StockStay, a newly developed malware deployed by the Russian cyber-espionage group Turla [1]. The malware is being used as part of targeted cyber attacks aimed at government entities and critical infrastructure in Ukraine, particularly state-owned enterprises in the energy and government sectors.
Sources: [1] The Record
Recommended Action
- Update endpoint detection and response (EDR) systems with signatures for StockStay malware and monitor for Turla-attributed command-and-control traffic.
- Increase monitoring of energy and government sector networks for lateral movement and data exfiltration indicators consistent with espionage operations.
- Coordinate with national cybersecurity authorities on threat intelligence sharing regarding Turla TTPs and indicators of compromise.
3. AI Coding Agents Tricked Into Executing Malware via GitHub
Severity: HIGH | Affected: Technology
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository can be exploited to execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers [1]. This represents a novel supply-chain attack vector targeting the emerging ecosystem of autonomous AI development tools.
Sources: [1] BleepingComputer
Recommended Action
- Sandbox or air-gap agentic AI coding tools when they interact with untrusted GitHub repositories or external code sources.
- Implement code review processes that do not rely solely on automated scanning; require human inspection of repository setup scripts and initialization logic.
- Restrict agentic tool permissions to read-only access where feasible, and disable automatic execution of build or deployment scripts.
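The three recommendations above amount to one procedure: before an agentic tool is allowed to "set up" a cloned repository, a human reads everything the toolchain would run on its own. The script below is an added example written for this briefing, not code from BleepingComputer or from any AI tool vendor. It walks a clone, lists files and package.json lifecycle scripts that common toolchains execute automatically, and flags characters that are invisible to a human reviewer (zero-width and bidirectional control characters). The briefing does not say how the payload in the reported attack was concealed; the invisible-character check covers one common concealment technique and is an assumption of this example, as are the list of auto-executed files and the constructed sample repository.

```python
"""
Pre-flight review of a cloned repository before agentic setup (added example).
Assumptions: the AUTO_EXEC_FILES list and npm lifecycle names are a
non-exhaustive starting point; sample file contents are constructed.
"""
import json
import os
import unicodedata

# Paths that common toolchains run on install/build/open (assumed, extend as needed)
AUTO_EXEC_FILES = {
    "setup.py", "Makefile", "Justfile", ".envrc", ".vscode/tasks.json",
}
# package.json scripts that npm runs during `npm install` without a prompt
NPM_LIFECYCLE = ("preinstall", "install", "postinstall", "prepare")


def hidden_chars(text):
    """Return (line_no, unicode name) for each format-category (Cf) character.

    Cf covers zero-width spaces/joiners, BOMs and the bidi override/isolate
    controls: characters most editors render as nothing at all.
    """
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        for ch in line:
            if unicodedata.category(ch) == "Cf":
                hits.append((no, unicodedata.name(ch, f"U+{ord(ch):04X}")))
    return hits


def npm_lifecycle_scripts(package_json):
    """Return only the lifecycle scripts from a package.json string."""
    try:
        scripts = json.loads(package_json).get("scripts", {})
    except (json.JSONDecodeError, AttributeError):
        return {}
    return {k: v for k, v in scripts.items() if k in NPM_LIFECYCLE}


def preflight_files(files):
    """files: {relative_path: text}. Returns (kind, path, detail) findings."""
    findings = []
    for rel, text in files.items():
        # Anything the tooling runs unprompted must be read by a person first
        if rel in AUTO_EXEC_FILES or rel.startswith(".github/workflows/"):
            findings.append(("auto-exec", rel, ""))
        if rel == "package.json":
            for k, v in npm_lifecycle_scripts(text).items():
                findings.append(("auto-exec", rel, f"{k}: {v}"))
        # Invisible characters defeat "I read it and it looked fine"
        for no, cname in hidden_chars(text):
            findings.append(("hidden-char", rel, f"line {no}: {cname}"))
    return findings


def preflight(root):
    """Read a clone from disk (skipping .git metadata) and review it."""
    files = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            try:
                with open(path, encoding="utf-8") as fh:
                    files[rel] = fh.read()
            except (UnicodeDecodeError, OSError):
                continue  # binaries and unreadable files are out of scope here
    return preflight_files(files)


if __name__ == "__main__":
    # Constructed sample repository, not taken from any real incident
    sample_repo = {
        "package.json": '{"name": "demo", "scripts": {"postinstall": "node setup.js", "test": "jest"}}',
        "setup.js": "const cfg = 1; // \u200b",
        "README.md": "Plain documentation, nothing executable.",
        ".github/workflows/ci.yml": "on: push",
    }
    for kind, path, detail in preflight_files(sample_repo):
        print(f"{kind:12} {path:28} {detail}")
```

Run `preflight("/path/to/clone")` on a real checkout; every "auto-exec" line is something to read before the agent is given write or execute rights, and any "hidden-char" line means the file should be opened in a hex view rather than trusted on sight.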
4. Polymarket Supply-Chain Attack Results in $3 Million Loss
Severity: HIGH | Affected: Finance
Polymarket customers lost an estimated $3 million after hackers injected a malicious script into the platform's frontend following a breach at a third-party vendor [1]. The company has pledged full reimbursement to affected customers.
Sources: [1] BleepingComputer
Recommended Action
- Review all third-party vendor dependencies and assess their security posture and incident response capabilities.
- Implement content security policy (CSP) headers and subresource integrity (SRI) checks to detect unauthorized script injection.
- Establish vendor breach notification requirements and define incident response thresholds that trigger customer notification.
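The CSP and SRI recommendation above is the control that would have stopped a tampered vendor script from running even after the vendor was breached: the page pins each third-party script to the hash of the bytes that were reviewed, and the browser refuses anything else. The code below is an added example written for this briefing, not Polymarket's code or the vendor's. It generates SRI integrity tokens, verifies fetched bytes against an integrity attribute using the browser's rule that the strongest listed algorithm wins, renders a pinned script tag, and builds a restrictive Content-Security-Policy value. Hostnames, file names and script contents are constructed.

```python
"""
Subresource Integrity and CSP helpers (added example; constructed inputs).
"""
import base64
import hashlib

# Algorithms SRI permits, weakest to strongest
SRI_ALGOS = ("sha256", "sha384", "sha512")


def sri_integrity(content, algo="sha384"):
    """Return an SRI token such as "sha384-<base64 digest>" for content bytes."""
    if algo not in SRI_ALGOS:
        raise ValueError(f"unsupported SRI algorithm: {algo}")
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def verify_sri(content, integrity):
    """Check fetched bytes against an integrity attribute.

    Browsers accept a space-separated list of tokens, pick the strongest
    algorithm present, and require the bytes to match one token of that
    algorithm. An empty or unparseable attribute pins nothing.
    """
    by_algo = {}
    for token in integrity.split():
        algo, _, value = token.partition("-")
        if algo in SRI_ALGOS and value:
            by_algo.setdefault(algo, set()).add(value)
    if not by_algo:
        return False
    strongest = max(by_algo, key=SRI_ALGOS.index)
    actual = sri_integrity(content, strongest).partition("-")[2]
    return actual in by_algo[strongest]


def script_tag(src, reviewed_content):
    """Render a <script> tag pinned to the bytes that were actually reviewed."""
    return (f'<script src="{src}" integrity="{sri_integrity(reviewed_content)}" '
            'crossorigin="anonymous"></script>')


def build_csp(script_hosts):
    """Build a CSP that only permits scripts from 'self' and the listed hosts.

    object-src 'none' and base-uri 'self' close the usual bypasses; the
    frame-ancestors directive is unrelated to injection but cheap to set.
    """
    script_src = " ".join(["'self'", *script_hosts])
    return (f"default-src 'self'; script-src {script_src}; "
            "object-src 'none'; base-uri 'self'; frame-ancestors 'none'")


if __name__ == "__main__":
    # Constructed vendor script as reviewed, and a copy altered after review
    reviewed = b"window.widget = function () { /* vendor widget */ };\n"
    altered = reviewed + b"/* bytes added after review */\n"
    tag = script_tag("https://cdn.vendor.example/widget.js", reviewed)
    integrity = tag.split('integrity="')[1].split('"')[0]
    print(tag)
    print("reviewed copy verifies:", verify_sri(reviewed, integrity))
    print("altered copy verifies:", verify_sri(altered, integrity))
    print("Content-Security-Policy:", build_csp(["https://cdn.vendor.example"]))
```

Regenerate the integrity token as part of the build whenever a vendor script is deliberately updated; a CSP alone limits where scripts may come from, while SRI is what catches a host that is allowed but has started serving different bytes.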
5. Fraudulent OpenAI Organization Invites Target Cybersecurity Firms
Severity: HIGH | Affected: Technology
Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects [1]. Cybersecurity firms are being specifically targeted by these fraudulent invitations.
Sources: [1] BleepingComputer
Recommended Action
- Educate employees on verifying OpenAI organization invitations through official channels and checking sender email domains carefully.
- Implement policies requiring employees to report unsolicited platform invitations and to avoid sharing sensitive company data in any externally-hosted collaboration tool without explicit authorization.
- Monitor for credential submissions and sensitive data disclosures in chat platforms, and revoke access if impersonation is suspected.
Today’s Action Checklist
- ☐ URGENT: Brief all government and defense personnel on Signal phishing tactics; remind staff that recovery keys are equivalent to passwords.
- ☐ HIGH: Review GitHub repository scanning and update agentic AI tool configurations to prevent automatic execution of untrusted setup scripts.
- ☐ HIGH: Audit third-party vendor dependencies and their security incident disclosure processes; prioritize those with recent breaches.
- ☐ ROUTINE: Add Turla and StockStay indicators of compromise to threat feeds and monitoring rules for critical infrastructure sectors.
- ☐ ROUTINE: Send internal alert reminding staff to verify OpenAI organization invitations through official company channels only.