A cybersecurity threat actor known as Cavalry Werewolf has been targeting Russian state agencies, energy, mining, and manufacturing sectors using malware families like FoalShell and StallionRAT. These attacks were initiated through phishing emails disguised as correspondence from Kyrgyz officials, allowing intruders to execute commands and exfiltrate data via a Telegram bot. Russian cybersecurity vendor BI.ZONE reported that over the past year, at least 500 companies in Russia have been compromised, highlighting a significant vulnerability in the country’s cybersecurity landscape. This incident underscores the increasing sophistication of cyber threats and the need for robust defense measures, especially as geopolitical tensions rise and such attacks could have broader implications for national security.