Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies

The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox.