{"uuid": "f6f8d44a-cda3-4625-97b6-bb8740bf5658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-8088", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116815263455530372", "content": "\ud83d\udea8 Google has linked Turla to a new .NET backdoor.\nSTOCKSTAY was used in espionage campaigns targeting #Ukraine government and military organizations.\nIt overlaps with Kazuar and reached targets through phishing, RDP files, MSI installers, and #WinRAR CVE-2025-8088 lures.\nSee the full attack details \ud83e\udc16 https://thehackernews.com/2026/06/google-details-turlas-new-stockstay.html", "creation_timestamp": "2026-06-26T07:37:45.786124Z"}