Security News > 2025 > February > China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware
2025-02-20 11:21
A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed Green Nailao by Orange Cyberdefense CERT, involved the exploitation of a new-patched security flaw
News URL
https://thehackernews.com/2025/02/chinese-linked-attackers-exploit-check.html
Related news
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- New SuperBlack ransomware exploits Fortinet auth bypass flaws (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)