Researchers report that more than 300 organizations in Israel and over 25 in the UAE have been affected.
GPUBreach is based on the Rowhammer technique used against system RAM, and applies it to GPU GDDR6 memory.
The attack begins with phishing emails carrying malicious Windows shortcut (LNK) files.
Storm-1175 targets new security flaws, sometimes exploiting them within a day of discovery or even before official patches are released.
Using an administrator account, Daniel Rhyne scheduled malicious tasks on the companyu2019s Windows domain controller to delete admin accounts and reset passwords across the network.
The attackers combined technical intrusion methods with real-world social engineering tactics.
While a permanent fix is expected in the upcoming 7.4.7 release, Fortinet has issued a hotfix to mitigate the risk in affected versions.
