TI Mindmap HUB
Threat Intelligence Report

GhostShell (MB-0009): Targeting Ukraine’s UAV Operations and Defense Supply Chain

📅 June 26, 2026 📰 blog.synapticsystems.de 🔍 2 CVE(s) referenced

A newly identified threat actor, dubbed GhostShell, is targeting Ukraine’s UAV ecosystem and defense supply chain with a sophisticated, multi-stage malware cluster featuring custom cryptography, mTLS implant authentication, and disciplined infrastructure—yet with no conclusive attribution beyond the cluster level.

unclassified
CVE-2025-8088, CVE-2025-6218

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle