sctocs

Fog Ransomware Targets US Organizations Using Compromised VPN Credentials

A new ransomware variant known as Fog has emerged as a notable threat to organizations in the education and recreation sectors across the United States.

Overview of the Threat

Starting in early May 2024, Arctic Wolf Labs began monitoring Fog ransomware in multiple incident response cases. Approximately 80 percent of affected organizations operate in education, […]


Cisco Switches Affected by Reboot Loops Caused by DNS Client Bug

Several Cisco switch models are unexpectedly entering reboot loops after reporting critical DNS client errors, according to recent reports compiled by BleepingComputer. The issue appears to have started around 2 AM, when a firmware problem in the switches’ DNS client service began treating DNS lookup failures as fatal errors. This caused the affected switches to


Russian APT28 Launches Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian state-sponsored threat actors linked to APT28, also known as BlueDelta, have been identified running an ongoing credential-harvesting operation aimed at energy research and policy-related organizations across multiple regions. According to findings, the campaign primarily targeted individuals connected to a Turkish energy and nuclear research body, employees of a European policy think tank, and organizations operating in North


Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro has issued urgent security updates for multiple vulnerabilities affecting on-premises Windows deployments of Apex Central, including a critical flaw that could allow attackers to execute arbitrary code with elevated privileges. The most severe issue, tracked as CVE-2025-69258, has been assigned a CVSS score of 9.8, placing it among the highest-risk vulnerabilities. According to Trend


FBI Warns of North Korean Hackers Using Malicious QR Codes in Spear-Phishing Attacks

The U.S. Federal Bureau of Investigation (FBI) has issued a new advisory warning that North Korean state-sponsored threat actors are actively using malicious QR codes in spear-phishing campaigns targeting organizations across the United States. According to the FBI, as of 2025, actors linked to the Kimsuky threat group have targeted think tanks, academic institutions, and both U.S.


CISA Retires 10 Emergency Cybersecurity Directives Issued From 2019 to 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced the retirement of 10 Emergency Directives (EDs) that were originally issued between 2019 and 2024 to address urgent and high-impact cybersecurity threats facing federal systems. According to CISA, these directives are now considered closed after successful remediation efforts and the integration of long-term


WhatsApp Worm Propagates Astaroth Banking Trojan in Brazil Through Auto-Messaging

Cybersecurity researchers have uncovered a new malware campaign that abuses WhatsApp as a distribution channel to spread the Astaroth banking trojan across Brazil. The operation specifically targets Windows users and represents an evolution in how financial malware is propagated in the region. The campaign has been named Boto Cor-de-Rosa by the Acronis Threat Research Unit.


Cisco Patches ISE Security Flaw Following Public PoC Exploit Release

Cisco has issued updates to fix a medium-severity vulnerability affecting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), after a publicly available proof-of-concept (PoC) exploit was released. The flaw, tracked as CVE-2026-20029 with a CVSS score of 4.9, resides in the licensing functionality and could allow a remote, authenticated attacker with administrative


China-Linked UAT-7290 Targets Telecom Companies with Linux Malware and ORB Nodes

Cybersecurity researchers have attributed a series of espionage-driven cyber intrusions to a China-linked threat actor tracked as UAT-7290, which has been actively targeting organizations across South Asia and Southeastern Europe. According to a new report published by Cisco Talos, the activity cluster has been operational since at least 2022 and is known


Researchers Discover NodeCordRAT Embedded in Bitcoin-Themed npm Packages

Cybersecurity researchers have uncovered a new malware campaign involving three malicious npm packages that were used to distribute a previously undocumented remote access trojan named NodeCordRAT. The discovery highlights ongoing risks within open-source ecosystems, particularly for developers working with cryptocurrency-related libraries.

Malicious Packages Identified

The following npm packages were identified as part of
