Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2).The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/10/ukraine-aid-groups-targeted-through.html
