Cyber-Espionage Campaign Targets Ukrainian Government Entities with Sophisticated Spear-Phishing Attacks

A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks exploiting XSS vulnerabilities. These attacks, known as Operation RoundPress, specifically target webmail systems. The technical details mentioned include the exploitation of XSS flaws to compromise email accounts. The described real impacts include the compromise of government communications, endangering the security of sensitive information.