sctocs

AWS CodeBuild Misconfiguration Exposed GitHub Repositories to Potential Supply Chain Attacks

Cloud security researchers have revealed that a critical misconfiguration in AWS CodeBuild could have allowed attackers to fully compromise Amazon Web Services owned GitHub repositories, including the widely used AWS JavaScript SDK. The issue created a potential pathway for large scale supply chain attacks that could have impacted countless AWS customers. The vulnerability, named CodeBreach by cloud security firm Wiz, […]

AWS CodeBuild Misconfiguration Exposed GitHub Repositories to Potential Supply Chain Attacks Read More »

Critical WordPress Modular DS Plugin Vulnerability Actively Exploited to Gain Admin Access

Security researchers have confirmed active exploitation of a critical vulnerability affecting the Modular DS WordPress plugin, allowing attackers to gain administrator level access without authentication. The issue has been disclosed by WordPress security firm Patchstack and is already being abused in real world attacks. The vulnerability is tracked as CVE-2026-23550 and carries a maximum CVSS

Critical WordPress Modular DS Plugin Vulnerability Actively Exploited to Gain Admin Access Read More »

Researchers Disclose Reprompt Attack Enabling One-Click Data Exfiltration From Microsoft Copilot

Cybersecurity researchers have uncovered a new attack technique named Reprompt that allows threat actors to silently extract sensitive information from AI chatbots such as Microsoft Copilot with just a single click. The attack operates without requiring plugins, user interaction, or visible prompts, creating a serious blind spot for enterprise security controls. According to Varonis security researcher Dolev

Researchers Disclose Reprompt Attack Enabling One-Click Data Exfiltration From Microsoft Copilot Read More »

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud

Microsoft has successfully taken legal measures in the U.S. and U.K. to dismantle RedVDS, a subscription-based cybercrime service that enabled criminals to carry out widespread online fraud. The action included seizing domains redvds[.]com, redvds[.]pro, and vdspanel[.]space, effectively taking the illegal service offline. RedVDS allowed threat actors to access cheap, disposable virtual computers for as little as $24 per month,

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud Read More »

Researchers Null-Route More Than 550 Kimwolf and Aisuru Botnet Command Servers

Security researchers have disrupted a major botnet operation after null-routing traffic linked to more than 550 command-and-control servers tied to the AISURU and Kimwolf botnets. The takedown was carried out by Black Lotus Labs, the threat intelligence arm of Lumen Technologies, and began in early October 2025. These botnets have rapidly grown into some of the largest active malicious

Researchers Null-Route More Than 550 Kimwolf and Aisuru Botnet Command Servers Read More »

Hackers Abuse c-ares DLL Side-Loading to Evade Security and Deploy Malware

Cybersecurity researchers have uncovered an active malware campaign that abuses a DLL side-loading weakness in a legitimate binary linked to the open-source c-ares library. By exploiting this technique, attackers are able to bypass traditional security controls and deliver a wide range of commodity malware, including trojans, stealers, and remote access tools. How the Attack Works According to

Hackers Abuse c-ares DLL Side-Loading to Evade Security and Deploy Malware Read More »

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution

Fortinet has released security updates to address a critical vulnerability in FortiSIEM that could allow unauthenticated attackers to execute arbitrary code on affected systems. The flaw poses a serious risk to organizations using vulnerable FortiSIEM deployments, particularly those with exposed management services. Vulnerability Overview The issue, tracked as CVE-2025-64155, carries a CVSS score of 9.4, indicating critical

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution Read More »

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

Ukraine’s Computer Emergency Response Team (CERT-UA) has revealed details of a recent cyber espionage campaign targeting Ukrainian defense forces using a malware strain known as PLUGGYAPE. The attacks were observed between October and December 2025. CERT-UA has attributed the activity with medium confidence to a Russia aligned threat group tracked as Void Blizzard, also known

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces Read More »

Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages

Cybersecurity researchers have uncovered a large scale web skimming operation that has remained active since January 2022, silently harvesting payment card data from compromised online checkout pages. The campaign targets organizations connected to major global payment networks, including American Express, Diners Club, Discover, JCB, Mastercard, and UnionPay. According to a newly published report by Silent

Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages Read More »

New Malware Campaign Spreads Remcos RAT via Multi-Stage Windows Attack

Cybersecurity analysts have uncovered a new malware operation known as SHADOW#REACTOR, which uses a stealthy, multi stage infection chain to deploy the Remcos Remote Administration Tool (RAT). The campaign is designed to establish persistent and covert control over compromised Windows systems while evading traditional detection mechanisms. According to a technical report released by Securonix researchers Akshay

New Malware Campaign Spreads Remcos RAT via Multi-Stage Windows Attack Read More »