Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

Published on June 26, 2026

The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy. Describing the Windows backdoor as continually developed by the hacking group, Google Threat Intelligence Group (

Continue reading on website
Other news

Anthropic is testing desktop-like Claude Cowork for mobile

June 25, 2026
Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. [...]

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff

June 26, 2026
Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus.The finding, published June 25 by the Citizen Lab, rests on two things that rarely line up: traces on the phone itself and an official Russian