ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. VestaCP compromised in a new supply-chain attack as customers see their admin credentials stolen and their servers infected with Linux/ChachaDDoS. Plus phishers are after something unusual in ploy targeting book publishers with the scammers having their sights set on book manuscripts.