The U.S. government "kill[s] people based on metadata," but it doesn't do that with the trove of information collected on American communications, according to former head of the National Security Agency Gen. Michael Hayden.

• Proofpoint has identified a likely nation-state sponsored phishing campaign using a possibly compromised Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.
• The email included a malicious macro attachment which attempted to download a Lua-based malware dubbed SunSeed.
• The infection chain used in this campaign bears significant similarities to a historic campaign Proofpoint observed in July 2021, making it likely the same threat actor is behind both clusters of activity.
• Proofpoint is releasing this report in an effort to balance accuracy with responsibility to disclose actionable intelligence during a time of high-tempo conflict.

The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.

What geopolitical standoff could this possibly be linked to?