sctocs

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have revealed details about multiple serious vulnerabilities in the n8n workflow automation platform, including two critical flaws that could allow attackers to execute arbitrary commands on affected systems. The vulnerabilities have already been patched, but security experts warn that systems running older versions may remain vulnerable. Key Vulnerabilities Identified Researchers identified two major security […]

Meta Shuts Down 150K Accounts Tied to Southeast Asia Scam Centers in Global Crackdown

Meta has disabled more than 150,000 accounts connected to scam centers in Southeast Asia, part of a coordinated global effort involving authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The crackdown also led to 21 arrests by the Royal Thai Police. This action follows a

Microsoft Fixes 84 Security Flaws in March Patch Tuesday, Including Two Public Zero Days

Microsoft has rolled out security updates addressing 84 new vulnerabilities across multiple software components, with two of them publicly disclosed. Of these vulnerabilities, eight are classified as Critical and 76 as Important. Most patches (46) relate to privilege escalation, followed by 18 remote code execution flaws, 10 information disclosure issues, four spoofing weaknesses, four denial-of-service

UNC6426 Uses nx npm Supply Chain Attack to Obtain AWS Admin Access Within 72 Hours

Cybersecurity investigators have revealed that a threat actor identified as UNC6426 successfully breached a company’s cloud infrastructure within 72 hours by abusing credentials stolen during a software supply chain compromise involving the Nx npm package. According to findings published in the Google Cloud Threat Horizons Report H1 2026, the attacker initially obtained a developer’s GitHub token. This credential enabled

Five Malicious Rust Crates and AI Bot Abuse CI/CD Pipelines to Steal Developer Secrets

Security researchers have uncovered a group of malicious packages written in the Rust programming language that were uploaded to the official Rust package registry crates.io. These packages were disguised as utilities designed to manage or synchronize system time but were actually created to steal sensitive developer data. The five malicious crates identified are: According to researchers from Socket, the

Attackers Exploit FortiGate Devices to Breach Networks and Steal Service Account Credentials

Cybersecurity researchers have uncovered a campaign in which threat actors are exploiting vulnerabilities in FortiGate Next‑Generation Firewall devices to gain unauthorized access to corporate networks and steal sensitive credentials. According to a report from SentinelOne, attackers are targeting firewall appliances by exploiting recently disclosed security flaws or by using weak authentication credentials. Once inside the system,

KadNap Malware Compromises Over 14,000 Edge Devices to Build Stealth Proxy Botnet

Cybersecurity researchers have uncovered a sophisticated malware campaign involving a threat dubbed KadNap, which primarily targets Asus routers and other edge devices to build a stealthy proxy botnet. The malware has compromised over 14,000 devices globally, with more than 60% of infections in the U.S., according to Black Lotus Labs at Lumen. KadNap uses a custom implementation of the Kademlia Distributed

New “LeakyLooker” Vulnerabilities in Google Looker Studio May Allow Cross Tenant SQL Queries

Cybersecurity researchers have uncovered a group of security vulnerabilities in Google Looker Studio that could have enabled attackers to run unauthorized SQL queries against victims’ databases and extract sensitive information across different organizations. The flaws, collectively named LeakyLooker, were identified by researchers from Tenable. The vulnerabilities could have exposed data across multiple environments within Google Cloud infrastructures. Google has confirmed that

APT28 Deploys BEARDSHELL and COVENANT Malware in Espionage Campaign Against Ukrainian Military

The Russia-linked threat group APT28 has been observed deploying two malware implants, BEARDSHELL and COVENANT, in cyber espionage operations targeting Ukrainian military personnel. According to a new investigation by ESET, the malware tools have been actively used since April 2024 to maintain persistent access and conduct long-term surveillance. APT28, also widely known by aliases such as Fancy Bear, Sednit, Pawn Storm, and TA422,

Threat Actors Conduct Mass Scanning of Salesforce Experience Cloud Using Modified AuraInspector Tool

Cybersecurity teams at Salesforce have reported a surge in malicious activity targeting publicly accessible Experience Cloud environments. According to the company, attackers are conducting large-scale scans of these sites using a modified version of an open-source security tool known as AuraInspector. The campaign primarily focuses on identifying misconfigured guest user permissions, which can expose sensitive data stored within Salesforce
