Multi-stage phishing campaign targets Russian users with Amnesia RAT and ransomware
The attack uses social engineering lures delivered via business-themed documents.
The attacks targeted two combined heat and power plants, as well as a system used to manage electricity generated from renewable sources.
In brief: Cisco fixes two zero-days, flaws in Fortinet’s FortiGate and FortiSIEM solutions exploited in the wild, and more.
Also, attackers are reportedly exploiting a patch bypass for a previously fixed critical Fortinet FortiGate authentication vulnerability.
The campaign, tracked as ‘Nomad Leopard,’ appears to be the work of a regionally focused actor with low-to-moderate sophistication.
Researchers say the developer relied on Spec-Driven Development, using AI to define goals, constraints, and a multi-team development plan.
The campaign targets software developers by posing as job recruiters and instructing victims to clone repositories hosted on GitHub, GitLab, or Bitbucket.
The attackers leverage weaponized files delivered via Dynamic Link Library sideloading in combination with a legitimate open-source Python penetration testing script.
The malware can exfiltrate developer credentials, browser data, and crypto-related information, and turn compromised developer machines into potential entry points.
Elliptic said it is unclear whether the slowdown marks the beginning of a full shutdown or a shift away from fraud-related activity.