Suspected Russian nation-state threat groups have duped multiple victims into granting potentially persistent access to networks via authentication requests and valid tokens.

Volexity believes, with moderate confidence, that Cozy Bear is behind the spearphishing campaign with an election fraud lure.

The latest findings come after Kaspersky uncovered an espionage effort involving the coronavirus pandemic.

Volexity suggested the campaign could be connected to Google's iOS findings.

Researchers say the hacking group is getting better at finding ways to leverage faults in Javascript to hide and carry out breaches of credit card payment systems.