sctocs

Microsoft Fixes CVE-2026-26119 Privilege Escalation Flaw in Windows Admin Center

Microsoft has addressed a high-severity security vulnerability in Windows Admin Center that could allow attackers to escalate privileges on affected systems. The flaw, tracked as CVE-2026-26119, carried a CVSS score of 8.8 out of 10, highlighting its potential risk to enterprise environments. About the Vulnerability Windows Admin Center is a locally deployed, browser-based management suite enabling administrators […]

Microsoft Fixes CVE-2026-26119 Privilege Escalation Flaw in Windows Admin Center Read More »

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity experts have identified a new Android banking trojan called Massiv, designed to conduct device takeover (DTO) attacks for financial theft. The malware hides inside seemingly legitimate IPTV apps, luring users who are searching for online TV services and giving attackers remote control over infected devices. How Massiv Operates According to ThreatFabric, Massiv first appeared in

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users Read More »

CRESCENTHARVEST Campaign Targets Iran Protest Supporters with RAT Malware

Cybersecurity researchers have uncovered a new cyber espionage campaign, dubbed CRESCENTHARVEST, that appears to target individuals supporting ongoing protests in Iran. The operation is designed to deploy a remote access trojan, RAT, capable of long term surveillance, credential theft, and sensitive data exfiltration. Security analysts warn that the campaign reflects a broader pattern of nation

CRESCENTHARVEST Campaign Targets Iran Protest Supporters with RAT Malware Read More »

Grandstream GXP1600 VoIP Phones Vulnerable to Unauthenticated Remote Code Execution

A serious cybersecurity vulnerability has been identified in the Grandstream GXP1600 series VoIP phones, potentially allowing attackers to take full control of affected devices without authentication. Security experts warn that this flaw could enable remote compromise with root-level privileges, placing enterprise voice networks at significant risk. Critical RCE Vulnerability Identified The vulnerability, tracked as CVE-2026-2329, carries a CVSS

Grandstream GXP1600 VoIP Phones Vulnerable to Unauthenticated Remote Code Execution Read More »

Critical Vulnerabilities Discovered in Four VS Code Extensions with Over 125 Million Installs

Cybersecurity researchers have uncovered serious security vulnerabilities in four widely used Microsoft Visual Studio Code extensions. These flaws could allow attackers to steal sensitive local files and remotely execute malicious code on developers’ machines. The affected extensions, installed more than 125 million times collectively, include Live Server, Code Runner, Markdown Preview Enhanced, and Microsoft Live

Critical Vulnerabilities Discovered in Four VS Code Extensions with Over 125 Million Installs Read More »

Dell RecoverPoint for VMs Zero Day CVE-2026-22769 Exploited Since Mid 2024

A severe security vulnerability in Dell RecoverPoint for Virtual Machines (VMs) has been actively exploited as a zero-day by a suspected China-linked threat group known as UNC6201 since mid-2024, according to findings from Google Mandiant and the Google Threat Intelligence Group (GTIG). The vulnerability, identified as CVE-2026-22769 with a maximum CVSS score of 10.0, stems

Dell RecoverPoint for VMs Zero Day CVE-2026-22769 Exploited Since Mid 2024 Read More »

Notepad++ Patches Hijacked Update Mechanism Exploited to Deliver Targeted Malware

The popular text editor Notepad++ has released a critical security update after its software update mechanism was abused in a targeted supply chain attack. The flaw allowed a China linked threat actor to selectively distribute malware to specific users by manipulating the update delivery process. The newly released version 8.9.2 introduces major security reinforcements designed to prevent

Notepad++ Patches Hijacked Update Mechanism Exploited to Deliver Targeted Malware Read More »

CISA Identifies Four Actively Exploited Security Vulnerabilities in Latest KEV Update

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog with four newly flagged security flaws that are currently under active exploitation. The move signals heightened risk to organizations, particularly U.S. federal agencies, as the vulnerabilities affect widely used platforms including Google Chrome, Microsoft Windows, and enterprise collaboration systems. Newly Added

CISA Identifies Four Actively Exploited Security Vulnerabilities in Latest KEV Update Read More »

Researchers Demonstrate Copilot and Grok Can Be Exploited as Malware C2 Proxies

Cybersecurity researchers have shown that AI assistants with web-browsing or URL-fetching capabilities can be manipulated to act as stealthy command-and-control (C2) relays for malware. The attack technique, demonstrated against Microsoft Copilot and xAI Grok, has been labeled AI as a C2 proxy by Check Point. This approach allows attackers to blend into legitimate enterprise communications while evading

Researchers Demonstrate Copilot and Grok Can Be Exploited as Malware C2 Proxies Read More »

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates

Kaspersky researchers have uncovered a sophisticated Android firmware backdoor, dubbed Keenadu, which silently harvests data and enables remote control of infected devices. The malware is embedded in device firmware, affecting brands including Alldocube, and is delivered through signed OTA updates dating back to August 2023. Unlike conventional malware, Keenadu operates at the firmware level, loading into the

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates Read More »