Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
A suspected Russian hacking group known as Water Gamayun, also referred to as EncryptHub and LARVA-208, has been identified as the threat actor behind the zero-day exploitation of CVE-2025-26633 in Microsoft Windows. This vulnerability, also dubbed "MSC EvilTwin," enables attackers to deploy two new backdoors: SilentPrism and DarkWisp.