FrostyNeighbor Uses Scheduled Tasks to Maintain Access in Ukraine Attacks

FrostyNeighbor has launched a new cyberespionage campaign against Ukrainian government organizations using malicious PDF lures, JavaScript malware, scheduled tasks, and Cobalt Strike. ESET researchers said the activity started in March 2026 and shows continued changes in the group’s compromise chain. The attackers now use server-side validation before delivering the final payload, which makes the campaign […] The post FrostyNeighbor Uses Scheduled Tasks to Maintain Access in Ukraine Attacks appeared first on VPN Central.