Hackers target Afghan government workers with fake correspondence from senior officials
The campaign, tracked as ‘Nomad Leopard,’ appears to be the work of a regionally focused actor with low-to-moderate sophistication.
Researchers say the developer relied on Spec-Driven Development, using AI to define goals, constraints, and a multi-team development plan.
The campaign targets software developers by posing as job recruiters and instructing victims to clone repositories hosted on GitHub, GitLab, or Bitbucket.
The attackers leverage weaponized files delivered via Dynamic Link Library sideloading in combination with a legitimate open-source Python penetration testing script.
The malware can exfiltrate developer credentials, browser data, crypto-related information, and turn compromised developer machines into potential entry points.
Elliptic said it is unclear whether the slowdown marks the beginning of a full shutdown or a shift away from fraud-related activity.
Attackers weaponized advertising URLs in spear-phishing emails, making malicious links appear legitimate.
The attack begins when users search for appliance manuals or related software via search engines.
The campaign involves a fake browser extension called ‘NexShield,’ which impersonates the legitimate uBlock Origin Lite ad blocker.
Feras Khalil Ahmad Albashiti now faces up to 10 years in prison and a fine of up to $250,000.