Threat Intelligence Report

Operation Roundish: Uncovering an APT28 Roundcube Toolkit Used Against Ukrainian Government Targets

📅 March 14, 2026 📰 hunt.io 🔍 0 CVE(s) referenced

APT28’s “Operation Roundish” exposed a sophisticated, modular Roundcube exploitation toolkit targeting Ukrainian government webmail, combining credential theft, persistent mail forwarding, bulk exfiltration, browser compromise, and previously undocumented CSS side-channel and Go-based Linux implants, signaling a significant evolution in Russian GRU-linked cyber operations.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle