A previously undocumented threat actor, GREYVIBE, is attributed to ongoing, persistent, and AI-powered cyberattacks targeting Ukraine and related entities since at least August 2025, suggesting alignment with Kremlin state interests.
A newly identified threat actor named GREYVIBE has been attributed to persistent cyberattacks targeting Ukraine and its associated entities beginning in August 2025. According to WithSecure, GREYVIBE is assessed to be a Russian-speaking group operating within the Russian time zone, with its activities aligning with state interests from the Kremlin. The attacks are noted to utilize AI-powered methodologies.