A previously undocumented threat activity cluster has been
attributed to an ongoing malicious campaign targeting education and
healthcare sectors in the U.S. since at least December 2025. The
campaign is being tracked by Cisco Talos under the moniker
UAT-10027. The end goal of the attacks is to deliver a
never-before-seen backdoor codenamed Dohdoor. "Dohdoor utilizes the
DNS-over-HTTPS (DoH)
Read more https://thehackernews.com/2026/02/uat-10027-targets-us-education-and.html
