https://www.bleepingcomputer.com/news/security/russian-hackers-compromise-embassy-emails-to-target-governments/

Security analysts have uncovered a recent phishing campaign from Russian hackers known as APT29 (Cozy Bear or Nobelium) targeting diplomats and government entities.

The APT29 is a state-sponsored actor that focuses on cyberespionage and has been active since at least 2014. Its targeting scope is determined by current Russian geopolitical strategic interests.