PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

Source: The Hacker News

Attack Overview

A pro‑Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video‑conferencing software in Russia since September 2025. According to a report published by Positive Technologies, the threat actors are leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible systems.