The threat group’s remarkable success targeting open-source software was inevitable, fueled by the industry’s decision to prioritize shipping code over security.
The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications.
Researchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financial gain.
Some attackers, whom researchers link to The Com, have swatted company executives to increase leverage and pressure victims to pay their ransom demands.
The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk.
The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.
Google’s research report on ransomware activity last year underscores how cybercrime is evolving and clouding a collective understanding of its full impact and scale.