sctocs

U.S. DoJ Seizes Fraud Domain Linked to 14.6 Million Dollar Bank Account Takeover Scheme

The U.S. Department of Justice (DoJ) has announced the seizure of a fraudulent web domain and its associated database that were used to support a large-scale bank account takeover operation targeting American victims. According to officials, the seized domain web3adspanels[.]org functioned as a backend control panel where cybercriminals stored and managed stolen online banking credentials. Visitors […]

Critical n8n Flaw with CVSS 9.9 Allows Arbitrary Code Execution Across Thousands of Instances

Cybersecurity researchers have revealed a highly severe security flaw in the n8n workflow automation platform that could allow attackers to execute arbitrary code on vulnerable systems under specific conditions. The vulnerability is tracked as CVE-2025-68613 and has received a CVSS score of 9.9, placing it among the most critical software flaws disclosed this year. The issue was identified

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Cybersecurity researchers have uncovered a malicious software package hosted on the npm repository that masquerades as a fully functional WhatsApp API while secretly stealing sensitive user data and granting attackers persistent access to victims’ WhatsApp accounts. The package, called lotusbail, has been downloaded more than 56,000 times since it was published in May 2025 by

Android Malware Campaigns Combine Droppers, SMS Theft, and RAT Capabilities at Scale

Cybersecurity researchers are warning about a rapidly evolving Android malware ecosystem where threat actors are combining malicious droppers, SMS-stealing functions, and full remote access capabilities to target users at scale. Recent investigations show that users in Uzbekistan are being actively targeted through fake applications that silently deploy advanced malware once installed. According to an

Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Threat intelligence researchers have identified renewed cyber activity linked to an Iranian advanced persistent threat group known as Infy, also referred to as Prince of Persia, nearly five years after the group was last observed conducting attacks in Sweden, the Netherlands, and Turkey. Security experts now believe the scope and persistence of Infy’s operations were

U.S. DOJ Charges 54 Suspects in ATM Jackpotting Scheme Using Ploutus Malware

The U.S. Department of Justice (DoJ) has formally charged 54 individuals in connection with a large-scale ATM jackpotting operation that caused tens of millions of dollars in losses across the United States. According to federal prosecutors, the accused were involved in a coordinated campaign that used a sophisticated malware strain known as Ploutus to

Russia Linked Hackers Abuse Microsoft 365 Device Code Phishing for Account Takeovers

A suspected Russia-aligned threat group has been linked to a phishing campaign targeting Microsoft 365 users by exploiting device code authentication flows to steal credentials and conduct account takeovers. The campaign, active since September 2025, is tracked by Proofpoint under the designation UNK_AcademicFlare. Attackers have primarily targeted email accounts associated with government and military organizations,

Cracked Software and YouTube Videos Used to Spread CountLoader and GachiLoader Malware

Cybersecurity researchers have uncovered an active malware campaign that abuses cracked software websites and popular video platforms to distribute advanced loader malware, primarily CountLoader and GachiLoader. The activity highlights how threat actors continue to exploit user trust in free software and online tutorials to silently compromise systems. Researchers from Cyderes revealed that cracked software distribution

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard has issued an urgent security advisory after confirming active exploitation of a critical vulnerability in its Fireware OS. The flaw affects VPN functionality and has already been observed being abused in real-world attacks, prompting immediate patching recommendations for all affected customers. The vulnerability, tracked as CVE-2025-14733, carries a CVSS score of 9.3 and is

Nigeria Arrests RaccoonO365 Phishing Developer Tied to Microsoft 365 Attacks

Authorities in Nigeria have confirmed the arrest of three high-profile internet fraud suspects connected to large-scale phishing operations, including the primary developer behind the RaccoonO365 phishing-as-a-service platform. The arrests were announced by the Nigeria Police Force National Cybercrime Centre following a joint investigation with Microsoft and the Federal Bureau of
