Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

webhook.site

APT28 targets Western and Central Europe with document beacons and webhook exfiltration

Cybercrime, News, Research

February 24, 2026

APT28 ran Operation MacroMaze from September 2025 to January 2026 targeting Western and Central Europe, using spear-phishing documents that beacon to webhook hosts and exfiltrate command output through browser-based HTML forms.
Attackers exploit patched WSUS flaw to deploy infostealer on unpatched Windows servers

Cybercrime, News, Risk, Vulnerabilities

October 30, 2025

Attackers have been observed exploiting CVE-2025-59287 in WSUS to deploy an infostealer on unpatched Windows servers, exfiltrate data to webhook.site URLs and use follow-up tooling including Velociraptor and a UPX-packed Skuld Stealer; agencies and vendors are urging immediate patching and investigation.

About
Editorial Policy
Privacy
Contact