sctocs

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled

A new security analysis has revealed that thousands of publicly exposed Google Cloud API keys could be misused to access sensitive Gemini AI endpoints once the Generative Language API is activated within a project. Researchers at Truffle Security identified nearly 3,000 Google API keys, recognizable by the prefix AIza, embedded in client side JavaScript code across websites. […]

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled Read More »

U.S. DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

The U.S. Department of Justice announced the seizure of approximately 61 million dollars in Tether connected to large scale cryptocurrency fraud operations commonly referred to as pig butchering scams. Authorities stated that the confiscated digital assets were traced to wallet addresses used to launder proceeds stolen from victims of fraudulent crypto investment schemes. Federal investigators

U.S. DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams Read More »

Over 900 Sangoma FreePBX Instances Compromised in Active Web Shell Attacks

More than 900 internet facing FreePBX systems from Sangoma Technologies remain compromised with web shells following exploitation of a serious command injection vulnerability, according to findings released by Shadowserver Foundation. The large scale compromise began in December 2025 and continues to impact organizations worldwide. Of the affected instances, 401 are located in the United States, 51 in Brazil,

Over 900 Sangoma FreePBX Instances Compromised in Active Web Shell Attacks Read More »

Malicious Go Crypto Module Steals Passwords and Installs Rekoobe Backdoor

Cybersecurity researchers have uncovered a harmful Go programming module that impersonates a trusted cryptography library while secretly stealing passwords and deploying a Linux backdoor known as Rekoobe. The rogue package, published under the path github[.]com/xinfeisoft/crypto, mimics the legitimate Go cryptography repository golang.org/x/crypto. However, instead of providing safe cryptographic utilities, it embeds hidden functionality designed to intercept sensitive

Malicious Go Crypto Module Steals Passwords and Installs Rekoobe Backdoor Read More »

ScarCruft Uses Zoho WorkDrive and USB Malware to Infiltrate Air Gapped Networks

The North Korean threat group known as ScarCruft has been linked to a sophisticated cyber espionage campaign that leverages cloud storage services and removable media to infiltrate even isolated environments. Security researchers at Zscaler ThreatLabz have named the operation Ruby Jumper. The campaign, uncovered in December 2025, introduces several new malware families designed to conduct surveillance, move laterally across

ScarCruft Uses Zoho WorkDrive and USB Malware to Infiltrate Air Gapped Networks Read More »

Trojanized Gaming Tools Distribute Java Based RAT Through Browsers and Chat Platforms

Cybersecurity researchers are warning that attackers are disguising malicious software as popular gaming utilities to infect unsuspecting users. The campaign relies on browser downloads and chat platform sharing to deliver a Java based remote access trojan, enabling full control over compromised systems. According to the Microsoft Threat Intelligence team, the infection process begins with a malicious downloader

Trojanized Gaming Tools Distribute Java Based RAT Through Browsers and Chat Platforms Read More »

Meta Files Lawsuits Against Brazil, China, and Vietnam Advertisers Over Celebrity Bait Scams

Meta has announced a sweeping legal campaign aimed at disrupting fraudulent advertising operations running across its platforms. The company confirmed it has filed lawsuits against advertisers located in Brazil, China, and Vietnam who allegedly orchestrated large scale celebrity bait scams and deceptive ad schemes. According to Meta, the enforcement action includes suspending payment methods, shutting down related advertising accounts,

Meta Files Lawsuits Against Brazil, China, and Vietnam Advertisers Over Celebrity Bait Scams Read More »

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Avoid Takedown

Cybersecurity researchers have uncovered a sophisticated botnet loader named Aeternum C2 that leverages blockchain technology to maintain a resilient and takedown resistant command and control infrastructure. Instead of relying on conventional domains or centralized servers, the malware stores encrypted instructions directly on the Polygon blockchain. According to research published by Qrator Labs, this strategy enables

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Avoid Takedown Read More »

Cisco SD WAN Zero Day CVE-2026-20127 Exploited Since 2023 to Gain Admin Access

A critical zero-day vulnerability affecting Cisco Catalyst SD-WAN platforms has been actively exploited since 2023, enabling attackers to gain unauthorized administrative access to targeted environments. The flaw, identified as CVE-2026-20127, carries a maximum CVSS score of 10.0 and impacts both Cisco Catalyst SD-WAN Controller and SD-WAN Manager solutions. The vulnerability allows a remote, unauthenticated attacker

Cisco SD WAN Zero Day CVE-2026-20127 Exploited Since 2023 to Gain Admin Access Read More »

Google Disrupts UNC2814 GRIDTIDE Campaign Following 53 Breaches in 42 Countries

Google has announced a coordinated effort with industry partners to dismantle the infrastructure of a suspected China linked cyber espionage group identified as UNC2814. The campaign is confirmed to have compromised at least 53 organizations across 42 countries, making it one of the most extensive cyber espionage operations uncovered in recent years. According to a

Google Disrupts UNC2814 GRIDTIDE Campaign Following 53 Breaches in 42 Countries Read More »