sctocs

MuddyWater Launches RustyWater RAT Through Spear-Phishing Targeting Middle East Sectors

Cybersecurity researchers have uncovered a new spear-phishing campaign linked to the Iranian threat actor MuddyWater, also known by multiple aliases, targeting critical sectors across the Middle East. The operation delivers a Rust-based remote access trojan called RustyWater, signaling a continued shift toward more advanced and stealthy malware frameworks. Campaign Overview According to a […]

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Europol has announced the arrest of 34 individuals in Spain accused of being members of the international organized crime syndicate known as Black Axe. The arrests are part of a coordinated law enforcement operation targeting large-scale fraud and organized criminal activity. Coordinated International Law Enforcement Operation The operation was led by the Spanish National Police with

China-Linked Hackers Exploit VMware ESXi Zero-Day Flaws to Escape Virtual Machines

Chinese-speaking threat actors are believed to have abused a compromised SonicWall VPN appliance to gain initial access and deploy a sophisticated VMware ESXi virtual machine escape exploit. According to cybersecurity firm Huntress, the exploit may have been under development as early as February 2024. Huntress detected the malicious activity in December 2025 and successfully disrupted

xRAT Malware Targets Windows Users Masquerading as Adult Game

A new malware threat called xRAT, also known as QuasarRAT, has been targeting Windows users across Korea, exploiting popular webhard file-sharing services. The AhnLab Security Intelligence Center (ASEC) recently detected xRAT being distributed as fake adult games. The remote access trojan (RAT) combines advanced evasion techniques with social engineering, making it particularly dangerous for everyday users. Attackers exploit

Fog Ransomware Targets US Organizations Using Compromised VPN Credentials

A new ransomware variant known as Fog has emerged as a notable threat to organizations in the education and recreation sectors across the United States. Overview of the Threat Starting in early May 2024, Arctic Wolf Labs began monitoring Fog ransomware in multiple incident response cases. Approximately 80 percent of affected organizations operate in education,

Cisco Switches Affected by Reboot Loops Caused by DNS Client Bug

Several Cisco switch models are unexpectedly entering reboot loops after reporting critical DNS client errors, according to recent reports compiled by BleepingComputer. The issue appears to have started around 2 AM, when a firmware problem in the switches’ DNS client service began treating DNS lookup failures as fatal errors. This caused the affected switches to

Russian APT28 Launches Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian state-sponsored threat actors linked to APT28, also known as BlueDelta, have been identified running an ongoing credential-harvesting operation aimed at energy research and policy-related organizations across multiple regions. According to findings, the campaign primarily targeted individuals connected to a Turkish energy and nuclear research body, employees of a European policy think tank, and organizations operating in North

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro has issued urgent security updates for multiple vulnerabilities affecting on-premise Windows deployments of Apex Central, including a critical flaw that could allow attackers to execute arbitrary code with elevated privileges. The most severe issue, tracked as CVE-2025-69258, has been assigned a CVSS score of 9.8, placing it among the highest risk vulnerabilities. According to Trend

FBI Warns of North Korean Hackers Using Malicious QR Codes in Spear-Phishing Attacks

The U.S. Federal Bureau of Investigation (FBI) has issued a new advisory warning that North Korean state-sponsored threat actors are actively using malicious QR codes in spear-phishing campaigns targeting organizations across the United States. According to the FBI, as of 2025, actors linked to the Kimsuky threat group have targeted think tanks, academic institutions, and both U.S.

CISA Retires 10 Emergency Cybersecurity Directives Issued From 2019 to 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced the retirement of 10 Emergency Directives (EDs) that were originally issued between 2019 and 2024 to address urgent and high-impact cybersecurity threats facing federal systems. According to CISA, these directives are now considered closed after successful remediation efforts and the integration of long-term
