sctocs

Dell RecoverPoint for VMs Zero Day CVE-2026-22769 Exploited Since Mid 2024

A severe security vulnerability in Dell RecoverPoint for Virtual Machines (VMs) has been actively exploited as a zero-day by a suspected China-linked threat group known as UNC6201 since mid-2024, according to findings from Google Mandiant and the Google Threat Intelligence Group (GTIG). The vulnerability, identified as CVE-2026-22769 with a maximum CVSS score of 10.0, stems […]

Dell RecoverPoint for VMs Zero Day CVE-2026-22769 Exploited Since Mid 2024 Read More »

Notepad++ Patches Hijacked Update Mechanism Exploited to Deliver Targeted Malware

The popular text editor Notepad++ has released a critical security update after its software update mechanism was abused in a targeted supply chain attack. The flaw allowed a China linked threat actor to selectively distribute malware to specific users by manipulating the update delivery process. The newly released version 8.9.2 introduces major security reinforcements designed to prevent

Notepad++ Patches Hijacked Update Mechanism Exploited to Deliver Targeted Malware Read More »

CISA Identifies Four Actively Exploited Security Vulnerabilities in Latest KEV Update

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog with four newly flagged security flaws that are currently under active exploitation. The move signals heightened risk to organizations, particularly U.S. federal agencies, as the vulnerabilities affect widely used platforms including Google Chrome, Microsoft Windows, and enterprise collaboration systems. Newly Added

CISA Identifies Four Actively Exploited Security Vulnerabilities in Latest KEV Update Read More »

Researchers Demonstrate Copilot and Grok Can Be Exploited as Malware C2 Proxies

Cybersecurity researchers have shown that AI assistants with web-browsing or URL-fetching capabilities can be manipulated to act as stealthy command-and-control (C2) relays for malware. The attack technique, demonstrated against Microsoft Copilot and xAI Grok, has been labeled AI as a C2 proxy by Check Point. This approach allows attackers to blend into legitimate enterprise communications while evading

Researchers Demonstrate Copilot and Grok Can Be Exploited as Malware C2 Proxies Read More »

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates

Kaspersky researchers have uncovered a sophisticated Android firmware backdoor, dubbed Keenadu, which silently harvests data and enables remote control of infected devices. The malware is embedded in device firmware, affecting brands including Alldocube, and is delivered through signed OTA updates dating back to August 2023. Unlike conventional malware, Keenadu operates at the firmware level, loading into the

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates Read More »

SmartLoader Attack Leverages Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have uncovered a sophisticated campaign using a trojanized Model Context Protocol (MCP) server linked to Oura Health to deliver the StealC information stealer. According to Straiker’s AI Research (STAR) Labs, attackers cloned the legitimate Oura MCP server—which normally connects AI assistants to Oura Ring health data—and created fake forks, contributor accounts, and a deceptive infrastructure to build

SmartLoader Attack Leverages Trojanized Oura MCP Server to Deploy StealC Infostealer Read More »

Poland Arrests Suspect Tied to Phobos Ransomware Operation

Authorities in Poland have arrested a 47-year-old man suspected of involvement with the Phobos ransomware network. During the operation, police confiscated computers and mobile devices allegedly containing stolen login credentials, payment card details, and server access information. The arrest was carried out by officers from the Central Bureau of Cybercrime Control in the Małopolska region, with support from units in Katowice

Poland Arrests Suspect Tied to Phobos Ransomware Operation Read More »

Microsoft Identifies “Summarize with AI” Prompts Manipulating Chatbot Recommendations

Microsoft has identified a new tactic used by legitimate businesses to influence artificial intelligence chatbot responses through so-called “Summarize with AI” buttons embedded on websites. The technique mirrors traditional search engine optimization abuse but targets AI systems instead of search rankings. The research, conducted by the Microsoft Defender Security Research Team, describes the method as AI Recommendation

Microsoft Identifies “Summarize with AI” Prompts Manipulating Chatbot Recommendations Read More »

Apple Tests End to End Encrypted RCS Messaging in iOS 26.4 Developer Beta

Apple has rolled out a new developer beta of iOS and iPadOS that introduces end-to-end encryption, E2EE, for Rich Communication Services (RCS) messaging. The capability is currently available in iOS 26.4 and iPadOS 26.4 beta builds and is expected to reach general users in a future software release across iOS, iPadOS, macOS, and watchOS. In its

Apple Tests End to End Encrypted RCS Messaging in iOS 26.4 Developer Beta Read More »

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Cybersecurity researchers have identified a case in which an information-stealing malware successfully extracted sensitive configuration files linked to OpenClaw, the open-source AI agent platform previously known as Clawdbot and Moltbot. According to researchers at Hudson Rock, the incident represents a turning point in infostealer evolution. Instead of focusing solely on browser credentials, threat actors are now harvesting

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens Read More »