Cybersecurity Headlines

Rogue NuGet package steals data, Venezuela's PDVSA suffers attack, patched Fortinet flaws exploited

Dec 17, 2025
A rogue NuGet package has been caught stealing wallet data and sending it to Russia, highlighting the risks of typo-squatting. Meanwhile, Venezuela's state oil company, PDVSA, faces disruptions from a ransomware attack affecting its operations. Fortinet's critical flaws are being actively exploited, prompting urgent guidance to patch or disable vulnerable systems. On the threat landscape, Sandworm targets misconfigured AWS edge devices, while new malware-as-a-service emerges, trojanizing apps to harvest credentials. Lastly, holiday scams are on the rise, blending AI and gift card fraud.
INSIGHT

Long-Lived Typosquat Steals Crypto Data

  • A typo-squatted NuGet package impersonated Tracer.Fody to siphon cryptocurrency wallet data for years.
  • The package used name tricks and hidden code to exfiltrate Stratis wallet files and passwords to attacker servers in Russia.
ANECDOTE

PDVSA Ransomware Disrupts Operations

  • Venezuela's state oil company PDVSA suffered a ransomware attack that knocked out administrative systems and suspended cargo loadings.
  • PDVSA and the Venezuelan government blamed the U.S., while production and refining remained unaffected.
ADVICE

Patch Or Disable FortiCloud SSO Now

  • Patch Fortinet products immediately or disable FortiCloud SSO until upgrades are applied.
  • The flaws allow unauthenticated admin access via forged SAML assertions when FortiCloud SSO is enabled.