Ghostwriter Hackers Target Gmail Users With Fake Admin Alerts to Steal Passwords and 2FA Codes
VPN Central [Unofficial]
June 18, 2026
The UNC1151/Ghostwriter threat group is targeting Gmail users with fake Google administrator emails designed to steal passwords and two-factor authentication codes. According to CERT Polska, the campaign has been running with high intensity since March 2026 and mainly targets Polish users. The phishing emails imitate Gmail security notices and warn about suspicious activity, unauthorized logins, […]
The post Ghostwriter Hackers Target Gmail Users With Fake Admin Alerts to Steal Passwords and 2FA Codes appeared first on VPN Central.
Discussion in the ATmosphere