The National Security Agency announced on April 7, 2026 that it has joined the FBI in issuing a public service announcement warning of Russian GRU exploitation of vulnerable routers. The joint statement highlights that the FBI, NSA, and international partners disrupted a GRU network that used compromised small‑office home‑office routers for hijacking operations. Russian GRU actors, known as APT28, Fancy Bear, and Forest Blizzard, have targeted devices worldwide, including TP‑Link routers via CVE‑2023‑50224. The announcement urges SOHO router users to change default credentials, disable remote management, update firmware, and upgrade end‑of‑support devices. It also recommends reviewing telework policies, using VPNs, and following incident reporting procedures. Guidance and best‑practice resources are provided on the NSA website.
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.