
ロシア軍ハッカーがウクライナに悪意のあるウィンドウズ・アクティベーターを配備 - PRSOL:CC
ロシア軍のサイバースパイグループ「Sandworm」は、トロイの木馬化したMicrosoft Key Management Service (KMS)アクティベータと偽のWindowsアップデートで、ウクライナのWindowsユーザーを標的にしています。 これらの攻撃は2023年後半に始まった可能性が高く、現在、EclecticIQの脅威アナリストは、重複するインフラ、一貫した戦術、技術、手順(TTPs)、および攻撃に使用されるドメインを登録するために頻繁に使用されるProtonMailアカウントに基づいて、Sandwormのハッカーとリンクしています。 攻撃者はまた、DarkCrystal…
绿盟威胁情报周报(2025.01.20-2025.01.26) – 绿盟科技技术博客
February 2025 Patch Tuesday: Microsoft Fixes 63 Vulnerabilities, Including Two Actively Exploited Zero-Days - SOCRadar® Cyber Intelligence Inc.
Microsoft’s latest Patch Tuesday update for February 2025 delivers important security fixes, addressing 63 vulnerabilities across various products.
Sandworm APT Attacks Detection: russian State-Sponsored Hackers Deploy Malicious Windows KMS Activators to Target Ukraine - SOC Prime
Detect Sandworm APT attacks exploiting malicious Windows KMS activators in a cyber-espionage against Ukraine with Sigma rule from SOC Prime.
Two tales and one Antidot(e) — a new mobile malware campaign in Poland
Recently, the Polish cyber threat landscape has seen a growing number of malicious mobile applications. In addition to identifying the…
VulnLab Baby
Hey everyone, welcome back! It’s Maverick here with a new write-up — this time for my first machine on VulnLab. It’s a straightforward…
Microsoft Fixes Another Two Actively Exploited Zero-Days
February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation
APT29 Təhdidi Kampaniyası(Threat Campaign) — Alman Təşkilatlarına Hücum
APT29, həmçinin Cozy Bear kimi tanınan, Rusiya hökuməti ilə əlaqəli olduğu güman edilən bir kiber təhdid qrupudur. APT29 Alman…
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog.
Sandworm APT Hackers Weaponize Microsoft KMS Activation Tools To Compromise Windows
The Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU, has been exploiting pirated Microsoft KMS activation tools.
Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs
Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the wild.
XELERA Ransomware Campaign: Fake Food Corporation of India Job Offers Targeting Tech Aspirants
XELERA Ransomware Campaign: Fake Food Corporation of India Job Offers Targeting Tech Aspirants Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliat…
BTMOB RAT Newly Discovered Android Malware
Cyble analyzes BTMOB RAT, advanced Android malware actively spreading via phishing sites, leveraging Accessibility Services to steal credentials, control devices remotely, and execute various malicious activities.
Microsoft Patch Tuesday, February 2025 Edition
Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off usin…
Microsoft Patch Tuesday, February 2025 Security Update Review – Qualys ThreatPROTECT
独家|360发布全球高级威胁研究报告:我国14大重点行业面临境外APT威胁-安全KER - 安全资讯平台
安全KER - 安全资讯平台
Linux X.509基于证书的用户登录缺陷让攻击者绕过身份验证-安全KER - 安全资讯平台
安全KER - 安全资讯平台
Ivanti修补了Connect Safe和Policy Safe中的关键缺陷-立即更新-安全KER - 安全资讯平台
安全KER - 安全资讯平台
CVE-2025-24032、CVE-2025-24531等:PAM-PKCS#11中的关键缺陷将Linux身份验证暴露给攻击者-安全KER - 安全资讯平台
安全KER - 安全资讯平台
CVE-2025-22467(CVSS9.9):Ivanti Connect安全漏洞允许远程代码执行-安全KER - 安全资讯平台
安全KER - 安全资讯平台
Microsoft补丁积极利用零时缺陷-CVE-2025-21418 & CVE-2025-21391-安全KER - 安全资讯平台
安全KER - 安全资讯平台
JVN#84319378: acmailer vulnerable to cross-site scripting
Cybercrime: A Multifaceted National Security Threat | Google Cloud Blog
Google Threat Intelligence Group discusses the current state of cybercrime, and why it must be considered a national security threat.
XELERA Ransomware Targets Tech Aspirants with Fake Food Corporation of India Job Offers
A new XELERA ransomware campaign is targeting tech aspirants with fake job offers from the Food Corporation of India (FCI). Learn how this Python-based malware uses Discord for C2, steals credentials, and deploys ransomware. Includes IOCs and MITRE ATT&CK analysis.
Influencing Security: 5 Keys to Selling Security Initiatives Throughout the Organization
Gain the support you need to accomplish your goals
OpenSSL patched high-severity flaw CVE-2024-12797
OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks.
Patch Tuesday - February 2025 | Rapid7 Blog
Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for February of 2025 which includes 63 vulnerabilities affecting a range of products, including 4 that Microsoft marked as “critical” and one marked as “moderate.” There are two notable “critical” vulnerabilities. The first is CVE-2025-21376, which…
February Patch Tuesday delivers 57 packages
After January’s deluge, a calmer update volume returns
CVE Alert: CVE-2025-21693 - RedPacket Security
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswap_compress()
CVE Alert: CVE-2025-25186 - RedPacket Security
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and
The February 2025 Security Update Review
We’ve survived Pwn2Own Automotive and made it to the second Patch Tuesday of 2025. As always, Microsoft and Adobe have released their latest security patches. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the …
Horizon Alert — 02/2025–4 (5) Zero Days
NTLM Hash Disclosure, UEFI Bypass, Deletion of File, SYSTEM…
アップル、「極めて巧妙な」攻撃に悪用されたゼロデイを修正 - PRSOL:CC
アップル社は、「極めて巧妙な」標的型攻撃に悪用されたというゼロデイ脆弱性を修正するための緊急セキュリティ・アップデートをリリースした。 「物理的な攻撃により、ロックされたデバイスのUSB制限モードが無効になる可能性があります。 「アップルは、この問題が特定の標的を絞った極めて巧妙な攻撃で悪用された可能性があるという報告を承知している。 USB制限モードは、デバイスが1時間以上ロックされている場合、USBアクセサリがデータ接続を作成するのをブロックするセキュリティ機能(iOS 11.4.1で約7年前に導入)である。この機能は、GraykeyやCellebriteのようなフォレンジック・ソフトウ…
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities - SOC Prime
Detect XE Group activity using CVE-2024-57968 and CVE-2025-25181, zero-day exploits in VeraCore, with Sigma rules from SOC Prime Platform.
360发布全球高级威胁研究报告:我国14大重点行业面临境外APT威胁 - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
国产化软件系统“受灾”严重,2024全球高级威胁研究报告出炉。
Progress Software fixed multiple high-severity LoadMaster flaws
Progress Software fixed multiple vulnerabilities in its LoadMaster software, which could be exploited to execute arbitrary system commands.
Weekly Detection Rule (YARA and Snort) Information - Week 2, February 2025 - ASEC
The following is the information on Yara and Snort rules (week 2, February 2025) collected and shared by the AhnLab TIP service. 2 YARA Rules Detection name Description Source PK_Binance_nuxt Phishing Kit impersonating Binance https://github.com/t4d/PhishingKit-Yara-Rules PK_MondialRelay_traffyque …
주간 탐지 룰(YARA, Snort) 정보 - 2025년 2월 2주차 - ASEC
AhnLab TIP 서비스에서 수집한, 공개된 YARA, Snort룰(2025년 2월 2주) 정보입니다. 2 YARA Rules 탐지명 설명 출처 PK_Binance_nuxt Binance(암호화폐 거래) 를 사칭하는 Phishing Kit 탐지 https://github.com/t4d/PhishingKit-Yara-Rules PK_MondialRelay_traffyque Mondial Relay(프랑스 국제 택배)를 사칭하는 Phishing Kit 탐지 https://github.com/t4d/PhishingKit-Yara-Ru…
Cyber Briefing: 2025.02.11
👉 What’s the latest in the cyber world today?
Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January of 2025 which includes 58 vulnerabilities, including 3 that Microsoft marked as “critical” and one marked as "moderate". The remaining vulnerabilities listed are classified as “important.”
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
Executive Summary Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliate link – your enrollment helps support this platform at no extra cost to you…
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
3Critical52Important0Moderate0LowMicrosoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild.Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our coun…
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild.
NVIDIA AI vulnerability: Deep Dive into CVE 2024-0132 | Wiz Blog
Critical severity vulnerability (CVE-2024-0132) affecting Container Toolkit and GPU Operator may present risk to cloud service providers
RATatouille: Cooking Up Chaos in the I2P Kitchen
Discover the challenges of ClickFix12 and the newly identified I2PRAT. Uncover the advanced techniques employed by this multi-stage RAT.
Zero Day Initiative — The February 2025 Security Update Review
We’ve survived Pwn2Own Automotive and made it to the second Patch Tuesday of 2025. As always, Microsoft and Adobe have released their latest security patches. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the f
新型 Aquabotv3 勒索软件利用 Mitel 命令注入漏洞发起攻击 - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
这是一个中等严重的漏洞,它允许具有管理员特权的身份验证的攻击者,由于启动过程中的参数消毒不足而进行参数注射攻击,从而导致任意命令执行。
Apple Update Mitigates “Extremely Sophisticated” Zero-Day Exploit
Apple has patched a zero-day vulnerability being exploited in targeted attacks
Monthly Threat Actor Group Intelligence Report, November 2024 (JPN)
Monthly Threat Actor Group Intelligence Report, November 2024 (JPN) Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliate link – your enrollment he…
김수키(Kimsuky) 에서 만든 종신안내장 으로 위장한 악성코드-종신안내장v02_곽X환d.zip(2025.2.5)
오늘은 북한 해킹 단체 김수키(Kimsuky)에서 만든 악성코드인 종신안내장 으로 위장한 악성코드-종신안내장v02_곽X환d.zip(2025.2.5)에 대해 글을 적어보겠습니다.일단 일단 PDF 파일인 것처럼 돼 있지만, 사실은 PDF 파일이 아닌 그냥 링크 파일 아니다. 해당 악성코드 해쉬값은 다음과 같습니다.파일명:종신안내장v02_곽X환d.zip사이즈:6,427 BytesMD5:40837012253331958723dda63fdfabffSHA-256:079907b7feab3673a1767dbfbc0626e656f5d3b03b6cf…
Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution
<p>Multiple vulnerabilities have been discovered Fortinet Products, the most severe of which could allow for remote code execution. </p><p> </p><ul><li>FortiManager is a network and security management tool that provides centralized management of Fortinet devices from a single console. </li><li>For…
Linux Detection Engineering - Approaching the Summit on Persistence Mechanisms — Elastic Security Labs
Building on foundational concepts and techniques explored in the previous publications, this post discusses some creative and/or complex persistence mechanisms.
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
<p>Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the …
Russian military hackers deploy malicious Windows activators in Ukraine
The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates.
Multiples vulnérabilités dans les produits Siemens - CERT-FR
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
Sandworm APT targets Ukrainian users with Trojanized Microsoft KMS tools for cyber espionage, leveraging pirated software to exfiltrate sensitive data and compromise critical infrastructure.
February 2025 Patch Tuesday: Updates and Analysis | CrowdStrike
Microsoft has released security updates for 67 vulnerabilities, including 4 zero-days and 3 critical, in its February 2025 Patch Tuesday rollout.
Monthly Threat Actor Group Intelligence Report, November 2024 (JPN) – Red Alert
Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
Today is Microsoft's February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks.
Microsoft February 2025 Patch Tuesday - SANS Internet Storm Center
Microsoft February 2025 Patch Tuesday, Author: Renato Marinho
独家|360发布全球高级威胁研究报告:我国14大重点行业面临境外APT威胁
360发布2024全球APT研究报告,全面洞见高级威胁未来发展态势
Multiples vulnérabilités dans les produits SAP - CERT-FR
U.S. adversaries increasingly turning to cybercriminals and their malware for help
A Google Threat Intelligence Group report notes that Russia in particular has been doing this since the Ukraine war began.
Microsoft fixes 63 vulnerabilities, including 2 zero-days
The company’s monthly Patch Tuesday update comes with more than two-thirds of the patches closing high-severity flaws.
Fortinet warns of new zero-day exploited to hijack firewalls
Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks.
Fortinet discloses second firewall auth bypass patched in January
Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices.
US-CERT Vulnerability Summary for the Week of February 3, 2025 - RedPacket Security
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
Apple fixes iPhone and iPad bug actively exploited in ‘extremely sophisticated attacks’
Apple released iOS and iPadOS updates to address a zeroday likely exploited in extremely sophisticated attacks targeting specific individuals
Malware Analysis Monday #2
Genesis 1, but the chapter just gets longer.
HPE is notifying individuals affected by a December 2023 attack
Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russian threat actors.
MITRE ATT&CK in Action: Mapping TTPs & Data Sources for Real-World Threat Detection
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally accessible knowledge base of real-world cyber attack…
Conducting ATT&CK Assessments Based on APTs and Client Business Sectors.
I’ve been working with MITRE ATT&CK since the beginning of my cybersecurity career, and over the past four years, I’ve faced challenges in…
Further insights into Ivanti CSA 4.6 vulnerabilities exploitation
Identifier: TRR250201. Summary Between October 2024 and late January 2025, public reports described the exploitation of Ivanti CSA vulnerabilities which started Q4 2024. We share analysis results confirming a worldwide exploitation, that lead to Webshells deployments in September and October 2024. …
10th February – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 10th February, please download our Threat Intelligence Bulletin. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coup…
10th February – Threat Intelligence Report - Check Point Research
For the latest discoveries in cyber research for the week of 10th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grubhub, the US-based online food ordering and delivery platform, suffered a data breach due to unauthorized access through a compromised third-part…
XE Group shifts from credit card skimming to exploiting zero-days
The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks.
Fake CAPTCHA leads to Vidar Stealer
There’s been an apparent resurgence of fake CAPTCHA style malware delivery in the recent months. This is a fairly clever way of having a…
CERT-In Warns of High-Severity Vulnerabilities in Mozilla Firefox and Thunderbird
The Indian Computer Emergency Response Team (CERT-In) has issued a vulnerability note (CIVN-2025-0016) highlighting a series of Mozilla vulnerability, including
Cyble Warns Of Patient Monitor Risk In ICS Vulnerability Report
A 9.8-severity patient monitor vulnerability draws warnings from CISA, the FDA and Cyble.
Critical Zimbra Flaws Allow Attackers to Gain Unauthorized Access to Sensitive Data
Serious vulnerabilities in Zimbra Collaboration Suite (ZCS), a popular enterprise email and collaboration platform, have raised alarm in the cybersecurity community.
MITRE ATT&CK T1555 Credentials from Password Stores
This blog explains the T1555 Credentials from Password Stores technique and its sub-techniques in the MITRE ATT&CK framework.
CVE-2025-23114: Veeam Users Urged To Patch Now
A critical vulnerability (CVE-2025-23114) in Veeam Updater allows remote code execution via MitM attacks. Users must apply patches immediately to prevent exploitation.
AhnLab EDR을 활용한 Akira 랜섬웨어 공격 사례 탐지 - ASEC
Akira는 상대적으로 새롭게 등장한 랜섬웨어 공격자로서 2023년 3월부터 활동하고 있다. 다른 랜섬웨어 공격자들과 유사하게 조직에 침투한 이후 파일을 암호화할 뿐만 아니라 민감한 정보를 탈취해 협상에 사용한다. 실제 다음과 같은 2024년 통계에서도 Akira 랜섬웨어에 의한 피해 기업의 수가 상위권을 차지하고 있다. [1] Figure 1. 2024년 랜섬웨어 피해 통계 공격자는 랜섬웨어를 통해 조직의 시스템을 암호화한 이후 협상을 […]
RST TI Report Digest: 10 Feb 2025
We analysed 59 threat intelligence articles that we collected last week and are sharing a short summary of 10 of them with IoCs.
Bulletin d'actualité CERTFR-2025-ACT-006 - CERT-FR
Apple fixes zero-day exploited in 'extremely sophisticated' attacks
Apple has released emergency security updates to patch a zero-day vulnerability that the company says was exploited in targeted and "extremely sophisticated" attacks.
Targeted Threats Research - South & North Korea (a breakdown of 3 years of threat research in Korea)
This research will be discussed at RightsCon 2025: Unveiling North Korea’s cyber threats: safeguarding human rights Sections: 1. Executive Summary 2. Introduction 3. Methodology 1. Sample submission 2. Auditing 3. Malware analysis 4. Email Content analysis 5. Passive DNS & …
Weekly Cybersecurity Roundup: Feb 3, 2025 — Feb 9, 2025
Cybersecurity, government experts are aghast at security failures in DOGE takeover
TLS 1.2 vs TLS 1.3
TLS 1.3 enhances online security by streamlining the handshake process, eliminating outdated ciphers, and improving speed and efficiency
HPE、ロシアのOffice 365ハッキングを受け、データ漏洩を従業員に通知 - PRSOL:CC
ヒューレット・パッカード・エンタープライズ(HPE)は、2023年5月のサイバー攻撃でロシアの国家支援を受けたハッカーによって同社のOffice 365メール環境からデータを盗まれた従業員に通知している。 ニューハンプシャー州とマサチューセッツ州の司法長官事務所に提出された書類によると、HPEは先月、運転免許証、クレジットカード番号、社会保障番号を盗まれた少なくとも16人に対し、侵害通知書の送付を開始した。 「HPEのフォレンジック調査により、特定の個人の個人情報が不正アクセスを受けた可能性があることが判明しました。「2025年1月29日、HPEは適用される法律に従い、影響を受けた個人に対し…
Analysis of malicious mobile applications impersonating popular Polish apps — OLX, Allegro, IKO
Cybercriminals are once again exploiting the popularity of online marketplaces by creating malicious mobile applications that imitate…
Kimsuky Group used custom RDP Wrapper version
Researchers spotted North Korea's Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware.
ScarCruft APT Malware Uses Image Steganography
*Note: This article was originally published by the author on May 16, 2019. It is re-posted here by the author for archival purposes. Free…
CVE Alert: CVE-2025-24028 - RedPacket Security
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is
CVE Alert: CVE-2025-25187 - RedPacket Security
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is
Cisco ISEの重大なバグにより、攻撃者がrootとしてコマンドを実行する可能性がある - PRSOL:CC
シスコは、同社のアイデンティティ・サービス・エンジン(ISE)セキュリティ・ポリシー管理プラットフォームの2つの重大な脆弱性を修正するパッチをリリースした。 企業の管理者は、認証、認可、およびアカウンティングを単一のアプライアンスに統合するアイデンティティおよびアクセス管理(IAM)ソリューションとして、Cisco ISEを使用しています。 2つのセキュリティ上の欠陥(CVE-2025-20124およびCVE-2025-20125)は、読み取り専用の管理者権限を持つ認証済みのリモート攻撃者に悪用される可能性があり、パッチを適用していないデバイス上でrootとして任意のコマンドを実行し、認証を…
Resolving a Mutual TLS session resumption vulnerability
Cloudflare patched a Mutual TLS (mTLS) vulnerability (CVE-2025-23419) reported via its Bug Bounty Program. The flaw in session resumption allowed client certificates to authenticate across different zones improperly. Cloudflare mitigated the issue in 32 hours by disabling session resumption for mTL…
Cybersecurity News Review — Week 6 (2025)
I had to cut a lot from this week’s packed list of cybersecurity developments, but I wanted to leave the several stories about DeepSeek, highlighting the volatile environment in the AI space. Russian…