PhantomCore, a pro-Ukrainian hacktivist group, has been exploiting vulnerabilities in TrueConf video conferencing software to breach Russian networks since September 2025. The group leverages an exploit chain consisting of three vulnerabilities to execute commands remotely on susceptible servers. This targeted campaign highlights the evolving nature of cyberattacks, with threat actors continually adapting their tactics to compromise high-value targets. The use of exploit chains, in particular, demonstrates the sophistication of these attacks, allowing hackers to bypass security measures and gain unauthorized access to sensitive systems. According to a report by Positive Technologies1, the attacks have been ongoing for several months, suggesting a high level of persistence and determination on the part of the threat actors. The success of these breaches has significant implications for network security, so practitioners should be vigilant for similar exploits and take proactive measures to protect their own systems.