Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

thehackernews.com·May 22, 2026

The Belarus-aligned threat actor Ghostwriter has been targeting Ukrainian government organizations by using phishing emails related to the Prometheus online learning platform, as reported by Ukraine's Computer Emergency Response Team (CERT-UA).

The key learning for a cybersecurity professional is that threat actors like Ghostwriter are leveraging localized lures, such as targeting Ukrainian government organizations with phishing emails disguised as communications from the Prometheus online learning platform. This highlights the importance of tailoring threat intelligence and phishing awareness training to include region-specific tactics and platforms that may be exploited by attackers to increase the efficacy of their campaigns.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Want more content like this?

More from Cybersecurity News

[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Red Hat npm packages compromised to steal developer credentials

Spain arrests doxer leaking sensitive data of govt employees

WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites