Ghostwriter group resumes attacks on Ukrainian Government targets

(Pierluigi Paganini – Security Affars) ESET researchers published a new report documenting fresh activity attributed to the APT group FrostyNeighbor, aka Ghostwriter, active since at least March 2026, targeting Ukrainian governmental organizations. The campaign is similar to previous FrostyNeighbor’s campaigns. The threat actor Ghostwriter (aka UNC1151, UAC-0057) is linked to the government of Belarus. In August 2020, security experts from FireEye uncovered a disinformation campaign aimed at discrediting NATO by spreading fake news content on compromised news websites. According to FireEye, the campaign tracked as GhostWriter, has been ongoing since at least March 2017 and is aligned with Russian security interests. The newest activity detected by ESET starts with a spear-phishing email carrying a PDF attachment. The document impersonates Ukrtelecom, one of Ukraine’s main telecommunications providers, and presents the victim with what looks like an official communication complete with a download button. – Ghostwriter group resumes attacks on Ukrainian Government targets

Ghostwriter group resumes attacks on Ukrainian Government targets

What Fronter AI Models Like Mythos and GPT-Cyber Mean for Modern Cybersecurity

Beijing Reacts To Panama Setbacks

Hybrid Warfare Reflects Convergence of Terrorism and Great Power Competition

The problem with the US power-sharing plan for Libya

Putin’s parade projected weakness but he is now more dangerous than ever

Five ways the Iran war will forever alter the Middle East

Where’s the beef? Trump’s underwhelming meeting with Xi

Global energy and trade disruption pushing millions towards poverty

Blackouts and shortages disrupt healthcare across Cuba