{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifgesvav4a2qjyum67hgncswupoxo6wquxucus7gogvtx6tbq2wni",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3miwhniesgdg2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidsmxffvtz65gbokwhjp3pwsxxjdmhlgfxalffkwcmkoacgjo373e"
    },
    "mimeType": "image/jpeg",
    "size": 155085
  },
  "path": "/2026/04/russian-state-linked-apt28-exploits.html",
  "publishedAt": "2026-04-07T16:48:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025. The large-scale exploitation campaign has been codenamed",
  "title": "Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign"
}