Автор: Elizabeth Montalbano, Contributing Writer

Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.

The firewall specialist has patched the security flaw, which was responsible for a series of attacks reported earlier this month that compromised FortiOS and FortiProxy products exposed to the public Internet.

Attackers aim to steal people’s personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries.

Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.

Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.

Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.

Two separate campaigns are targeting flaws in various IoT devices globally, with the goal of compromising them and propagating malware worldwide.

Evidence suggests that some of the payloads and extensions may date as far back as April 2023.

"Operation 99" uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency.

"Operation 99" uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency.