The Ghostwriter Advanced Persistent Threat (APT) group has targeted Ukrainian government and Belarusian opposition groups since 2024, using sophisticated cyber-espionage methods. The group uses weaponized Excel files with malicious macros to deliver malware payloads. Ghostwriter, linked to Belarus’s government, employs phishing emails and lures victims into enabling macros, eventually deploying a downloader malware variant known as PicassoLoader. Specific tactics include creating decoy Excel files and verifying client profiles to ensure only intended victims receive harmful payloads.
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A security assessment by Shelltrail revealed three critical vulnerabilities in the IXON VPN client, allowing privilege escalation on Windows and Linux. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02,
%20CISO%E2%80%99s%20Core%20Focus.webp?w=0&resize=0,0&ssl=1 "Identity and Access Management (IAM)")