Russian state-linked hackers are running active phishing campaigns against commercial messaging apps, and U.S. agencies want you to know the playbook has evolved.
CISA and the FBI issued an updated Public Service Announcement on June 26, 2026, refreshing a March 2026 alert about Russian Intelligence Services targeting messaging application accounts. The update includes newly documented tactics, fresh samples of phishing messages in circulation, and revised mitigation guidance. The agencies did not name specific messaging platforms, but the breadth of the term "commercial messaging applications" suggests the campaign is not limited to any single app.
The update matters because it signals the campaign is ongoing and adaptive — not a one-time wave that defenders already absorbed. Russian intelligence actors iterating their lures means organizations that hardened their posture in March may be looking at a different threat today.
This is at least the second public warning on this specific threat vector in under four months, which is a faster drumbeat than most advisory cycles. If your organization still relies on messaging apps for sensitive coordination without phishing-resistant multi-factor authentication, the agencies have now said so twice.