Update April.md

Threat Reports/April.md

@@ -33,5 +33,6 @@
 | 28 APR | CERT-UA | UAC-0101 DDoS attacks using malicious JavaScript code (dubbed BrownFlood) which is placed on compromised websites (mainly running WordPress) | [cert.gov.ua](https://cert.gov.ua/article/39923) |
 | 28 APR | Fortinet | Analysis of WhisperGate, HermeticWiper, IsaacWiper, CaddyWiper, DoupleZero, AcidRain | [fortinet.com](https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat) |
 | 28 APR | Mandiant | Since early 2021, Mandiant has been tracking extensive APT29 phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia. APT29 has developed two new malware families in 2022, BEATDROP and BOOMMIC. The group's latest detection evasion techniques includes the abuse of Atlassian's Trello service | [mandiant.com](https://www.mandiant.com/resources/tracking-apt29-phishing-campaigns) |
+| 28 APR | CERT-UA | UAC-0098 cyberattack on Ukrainian state authorities using metasploit framework | [cert.gov.ua](https://cert.gov.ua/article/39934) |
 | 29 APR | Trustwave | Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine | [trustwave.com](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/stormous-the-pro-russian-clout-hungry-ransomware-gang-targets-the-us-and-ukraine/) |
 | 29 APR | ATTACKIQ | Attack Graph Response to UNC1151 Continued Targeting of Ukraine | [attackiq.com](https://attackiq.com/2022/04/29/attack-graph-response-to-unc1151-continued-targeting-of-ukraine/) |