The file BDPA28.rar is a malicious archive used in a 2026 APT28/Fancy Bear cyber-espionage campaign targeting European maritime and transport sectors. Research indicates the campaign exploits CVE-2026-21509 to deploy a backdoor that leverages legitimate cloud services for command-and-control communication. Read the full analysis at Trellix .