DEV-0586 is a threat actor attributed to RU, also known as Ruinous Ursa, Cadet Blizzard. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does DEV-0586 exploit?

Specific CVE exploitation data for DEV-0586 is being tracked. Check the Strobes VI threat actor profile for updates.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

DEV-0586

Also known as: Ruinous Ursa, Cadet Blizzard

Exploited CVEs

Overview

MSTIC has not found any notable associations between this observed activity, tracked as DEV-0586, and other known activity groups. MSTIC assesses that the malware (WhisperGate), which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database