""Despite the fact that there are no exploits for this chain of vulnerability in public access, attackers from PhantomCore managed to conduct their research and reproduce vulnerabilities, which led to a large number of cases of its operation in Russian organizations.""
""The group runs large-scale operations while maintaining strong stealth -- remaining invisible in victim networks for extended periods -- enabled by continual updates and evolution of in-house offensive tools.""
PhantomCore, a pro-Ukrainian hacktivist group, has been attacking TrueConf video conferencing software servers in Russia since September 2025. They exploit a chain of three vulnerabilities to execute commands remotely. Despite no public exploits available, PhantomCore successfully reproduced these vulnerabilities, leading to numerous attacks on Russian organizations. The group, active since 2022, is known for stealing sensitive data and disrupting networks, sometimes using ransomware. Their operations are characterized by stealth and the use of advanced in-house tools.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]