sctocs

CISA Adds Critical Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added two high-severity vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence that the flaws are being actively exploited. Both vulnerabilities carry a CVSS score of 9.8, indicating a critical level of risk for affected systems.

Vulnerability Affecting Hikvision Devices

The first vulnerability, tracked as CVE-2017-7921, […]

Cisco Confirms Two Catalyst SD WAN Manager Vulnerabilities Are Being Actively Exploited

Cisco has confirmed that two security vulnerabilities affecting Cisco Catalyst SD-WAN Manager (previously known as SD-WAN vManage) are currently being exploited in real-world attacks. The vulnerabilities identified by Cisco are CVE-2026-20122 and CVE-2026-20128, both of which impact organizations using the SD-WAN management platform.

Details of the Exploited Vulnerabilities

The first issue, CVE-2026-20122, carries a CVSS score of 7.1 and allows an

Dust Specter Targets Iraqi Officials Using New SPLITDROP and GHOSTFORM Malware

Cybersecurity researchers have disclosed a campaign attributed to a suspected Iran-linked threat actor targeting Iraqi government officials. The attackers impersonated Iraq’s Ministry of Foreign Affairs to deliver previously unknown malware families, including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. Observed by Zscaler ThreatLabz in January 2026, the campaign employs two distinct infection chains that ultimately deploy these malicious tools. A

APT28 Associated Campaign Uses BadPaw Loader and MeowMeow Backdoor Against Ukraine

Cybersecurity researchers have revealed a new Russian cyber campaign targeting Ukrainian organizations using two previously unknown malware families, BadPaw and MeowMeow. According to a report by ClearSky, the attack begins with a phishing email containing a link to a ZIP archive. Once extracted, an HTA file opens a decoy document in Ukrainian concerning border crossing appeals, designed to

Europol Led Operation Dismantles Tycoon 2FA Phishing as a Service Tied to 64,000 Attacks

A major international cybersecurity operation has successfully dismantled Tycoon 2FA, a large phishing-as-a-service platform that enabled cybercriminals to launch advanced phishing attacks targeting organizations worldwide. The takedown was coordinated by the European law enforcement agency Europol along with multiple cybersecurity firms and global investigators. Authorities confirmed that the platform was responsible for tens of thousands of phishing incidents

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials

International law enforcement agencies have successfully dismantled LeakBase, a notorious online marketplace widely used by cybercriminals to trade stolen credentials and hacking resources. The coordinated crackdown was led by the Federal Bureau of Investigation and Europol as part of a multinational cybercrime investigation. Authorities confirmed that the website leakbase[.]la has been seized. Visitors attempting to access the platform now encounter an official

149 Hacktivist DDoS Attacks Strike 110 Organizations Across 16 Countries Following Middle East Conflict

A sharp escalation in hacktivist cyber activity has followed the coordinated U.S. and Israeli military campaign against Iran, known as Epic Fury and Roaring Lion. Cybersecurity analysts warn that the digital battlefield is rapidly expanding alongside physical hostilities, with distributed denial-of-service (DDoS) campaigns dominating the threat landscape. According to a new assessment from Radware, two hacktivist collectives,

Coruna iOS Exploit Kit Leverages 23 Exploits in Five Attack Chains Targeting iOS 13 to 17.2.1

A newly uncovered cyber offensive framework named Coruna, also tracked as CryptoWaters, has emerged as one of the most advanced iOS exploit kits observed in recent years. According to findings released by Google, the toolkit specifically targets Apple iPhone devices running iOS versions from 13.0 through 17.2.1. Devices operating on the latest iOS releases remain

Malicious Laravel Packages on Packagist Deliver RAT Across Windows, macOS, and Linux

Cybersecurity researchers have uncovered malicious PHP packages on Packagist that impersonate legitimate Laravel utilities while secretly deploying a cross-platform remote access trojan capable of running on Windows, macOS, and Linux systems. The packages, published under the vendor namespace nhattuanbl, include: According to findings from Socket, the lara-swagger package does not directly contain malicious code. Instead,

APT41 Connected Silver Dragon Targets Governments with Cobalt Strike and Google Drive C2

Cybersecurity researchers have uncovered fresh details about an advanced persistent threat group known as Silver Dragon, which has been targeting government entities across Europe and Southeast Asia since at least mid-2024. According to a technical analysis published by Check Point, the group employs a mix of server exploitation and phishing attacks to gain initial access,
