{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigwtshrntkoucee6zftdylll7gofhki5wra45otgoluj5sxovmj2m",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mpgskpnm4is2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreifott6nfdegep6k4vvqd3otax5fj223gbv734qnw6rhv6eggdhony"
    },
    "mimeType": "image/webp",
    "size": 51994
  },
  "path": "/russia-linked-turla-uses-stockstay-backdoor-in-ukraine-espionage-campaign/",
  "publishedAt": "2026-06-29T14:41:37.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Russia-Linked Turla Uses STOCKSTAY Backdoor in Ukraine Espionage Campaign",
    "VPN Central"
  ],
  "textContent": "Russia-linked Turla has added a .NET backdoor called STOCKSTAY to its espionage toolkit, with Ukraine government and military organizations among the main targets. The malware has been under active development since at least December 2022, according to the Google Threat Intelligence Group. STOCKSTAY stands out because it does more than run commands on a compromised […]\n\nThe post Russia-Linked Turla Uses STOCKSTAY Backdoor in Ukraine Espionage Campaign appeared first on VPN Central.",
  "title": "Russia-Linked Turla Uses STOCKSTAY Backdoor in Ukraine Espionage Campaign"
}