A previously unrecognized threat activity group focused on European entities, especially in the medical field, to implement PlugX and its successor, ShadowPad, with the breaches ultimately resulting in the implementation of ransomware known as NailaoLocker in certain instances.
The operation, referred to as Green Nailao by Orange Cyberdefense CERT, entailed the utilization of a recently patched security vulnerability.