Vulnerabilities
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been exploiting three TrueConf video conferencing flaws (BDU-2025-10114, 10115, 10116) since September 2025 to breach Russian networks. By chaining these vulnerabilities, the group bypasses authentication and executes arbitrary OS commands, turning video conferencing servers into springboards for lateral movement and