sctocs

More Than 60 Software Vendors Release Security Updates Across OS, Cloud, and Network Platforms

As part of the latest Patch Tuesday cycle, more than 60 technology vendors have rolled out security updates addressing vulnerabilities affecting operating systems, cloud infrastructure, enterprise applications, and network devices. The coordinated wave of patches reflects the ongoing effort to strengthen cybersecurity defenses across global IT environments. Microsoft Addresses 59 Vulnerabilities Microsoft issued fixes for […]

More Than 60 Software Vendors Release Security Updates Across OS, Cloud, and Network Platforms Read More »

Microsoft Fixes 59 Security Flaws, Including Six Actively Exploited Zero Days

Microsoft has released security updates addressing 59 vulnerabilities across its software, including six zero-day flaws currently exploited in the wild. The patch rollout was announced on Tuesday, highlighting the urgent need for users and organizations to apply fixes. Severity Breakdown Of the 59 vulnerabilities, five are marked Critical, 52 Important, and two Moderate. Privilege escalation

Microsoft Fixes 59 Security Flaws, Including Six Actively Exploited Zero Days Read More »

SSHStalker Botnet Controls Linux Systems via IRC C2 and Legacy Kernel Exploits

Cybersecurity researchers have uncovered a newly identified botnet operation named SSHStalker, which leverages the Internet Relay Chat, IRC, protocol as its command-and-control infrastructure. The campaign specifically targets Linux systems by exploiting outdated kernel vulnerabilities, many of which date back more than a decade. According to security firm Flare, the operation combines stealth-focused techniques with older Linux

SSHStalker Botnet Controls Linux Systems via IRC C2 and Legacy Kernel Exploits Read More »

North Korea-Linked UNC1069 Uses AI Lures to Target Cryptocurrency Organizations

The North Korea-associated threat group UNC1069 has intensified its cyber operations against the cryptocurrency sector, leveraging advanced social engineering and artificial intelligence techniques to compromise Windows and macOS systems. The campaign is primarily designed to extract sensitive credentials and enable large-scale financial theft. According to findings from Google Mandiant researchers Ross Inman and Adrian Hernandez, the operation

North Korea-Linked UNC1069 Uses AI Lures to Target Cryptocurrency Organizations Read More »

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Organizations

Security researchers have revealed that North Korean cyber operatives are increasingly targeting global companies by impersonating legitimate professionals on LinkedIn. The threat actors are applying for remote roles using real LinkedIn accounts, often tied to verified email addresses and identity badges, to make their applications appear authentic. This long-running campaign, tracked as Jasper Sleet, PurpleDelta, and Wagemole,

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Organizations Read More »

Reynolds Ransomware Uses BYOVD Driver to Disable EDR Security Tools

Cybersecurity analysts have identified a newly emerging ransomware strain named Reynolds, notable for embedding a built-in Bring Your Own Vulnerable Driver (BYOVD) mechanism directly within its ransomware payload. This approach is designed to bypass endpoint security defenses before file encryption begins. BYOVD is a well-known attacker technique that abuses legitimate but vulnerable kernel drivers to escalate

Reynolds Ransomware Uses BYOVD Driver to Disable EDR Security Tools Read More »

Warlock Ransomware Breaches SmarterTools via Unpatched SmarterMail Server

SmarterTools has confirmed that its internal network was compromised after the Warlock ransomware group, also known as Storm-2603, exploited an unpatched SmarterMail server. The security incident occurred on January 29, 2026, and was traced back to a single mail server that had not been updated to the latest secure build. According to SmarterTools Chief Commercial

Warlock Ransomware Breaches SmarterTools via Unpatched SmarterMail Server Read More »

Dutch Authorities Confirm Ivanti Zero Day Exploit Exposed Employee Contact Data

Dutch authorities have confirmed that recent cyber attacks exploiting zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) led to unauthorized access to employee contact information within government systems. The Dutch Data Protection Authority (AP) and the Council for the Judiciary (Rvdr) revealed that their environments were affected after attackers abused newly disclosed flaws in Ivanti

Dutch Authorities Confirm Ivanti Zero Day Exploit Exposed Employee Contact Data Read More »

Fortinet Fixes Critical SQL Injection Flaw Allowing Unauthenticated Code Execution

Fortinet has released security updates to remediate a critical security flaw affecting FortiClientEMS that could allow attackers to execute arbitrary code without authentication. The vulnerability is tracked as CVE-2026-21643 and carries a CVSS score of 9.1, placing it among high impact enterprise security risks. According to Fortinet, the issue stems from improper handling of user

Fortinet Fixes Critical SQL Injection Flaw Allowing Unauthenticated Code Execution Read More »

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Operations

Singapore’s Cyber Security Agency (CSA) has confirmed that a China linked cyber espionage group known as UNC3886 carried out a coordinated and targeted campaign against the country’s telecommunications sector. According to CSA, the operation was deliberate, highly organized, and carefully executed. All four major telecommunications providers in Singapore, M1, SIMBA Telecom, Singtel, and StarHub, were

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Operations Read More »