A report details a new spear-phishing campaign by the Russian state-sponsored hacking group Star Blizzard. The hackers target high-value diplomats via WhatsApp, using a malicious QR code within a fake invitation to a Ukrainian aid group. This attack relies on social engineering, not malware, highlighting the group's adaptability following previous disruptions of their operations. The article emphasizes the need for caution with unsolicited communications and checking linked devices on WhatsApp accounts. Other cybersecurity news items cover various threats and vulnerabilities, including a UEFI Secure Boot flaw and vulnerabilities addressed in a Microsoft Patch Tuesday update.