sctocs

Intellexa Leaks Expose Zero Days and Ads Based Delivery Method for Predator Spyware

A human rights lawyer in Pakistan’s Balochistan province received a suspicious WhatsApp link from an unknown sender, marking the first known case of a civil society member in Pakistan being targeted by Intellexa’s Predator spyware, according to Amnesty International. The link, Amnesty noted, is consistent with a “Predator attack attempt,” based on the technical behavior […]

Silver Fox Distributes ValleyRAT in China Through Fake Microsoft Teams Installer

A new campaign linked to the threat actor Silver Fox is targeting Chinese-speaking users through a deceptive installer that pretends to be Microsoft Teams. The operation appears to be a false flag attempt designed to resemble activity from a Russian group, although the final payload is ValleyRAT, a malware family associated with Chinese cybercrime

AISURU Botnet Behind Record 29.7 Tbps DDoS Attack Using 4M Infected Hosts

Cloudflare reported on Wednesday that it successfully detected and mitigated the largest recorded distributed denial-of-service (DDoS) attack to date, reaching 29.7 terabits per second (Tbps). The attack originated from the AISURU botnet-for-hire, which has been tied to multiple hyper-volumetric DDoS campaigns over the past year. The assault lasted 69 seconds, though Cloudflare did not disclose

GoldFactory Targets Southeast Asia with Modified Banking Apps Behind 11,000 Plus Infections

Cybercriminals linked to the financially motivated group GoldFactory have launched a new wave of mobile attacks across Indonesia, Thailand, and Vietnam by posing as government authorities and local service providers. According to a technical assessment released by Group-IB, the campaign has been active since October 2024 and relies on doctored versions of legitimate banking

Critical RSC Bugs in React and Next.js Enable Unauthenticated Remote Code Execution

A newly disclosed maximum severity vulnerability in React Server Components has raised significant alarm across the web development ecosystem. The flaw, assigned CVE-2025-55182 and nicknamed React2shell, allows attackers to execute code remotely without authentication simply by sending a specially crafted request to a Server Function endpoint. Nature of the Vulnerability The React Team stated that

Microsoft Quietly Fixes Windows LNK Flaw After Years of Active Exploitation

Microsoft has rolled out a silent fix for a Windows Shortcut (LNK) vulnerability that has been under active exploitation since 2017. The update was released as part of the company’s November 2025 Patch Tuesday batch, according to details published by ACROS Security’s 0patch team. Background of the Vulnerability The flaw, tracked as CVE-2025-9491 and rated

Malicious Rust Crate Targets Web3 Developers with OS Specific Malware

Cybersecurity analysts have identified a harmful Rust-based package that was crafted to infiltrate systems running Windows, macOS, or Linux. The package silently executes malicious code on developer machines by disguising itself as a legitimate Ethereum Virtual Machine utility. The crate, titled evm-units, was uploaded to crates dot io in April 2025 by an account

Picklescan Bugs Let Malicious PyTorch Models Bypass Scans and Run Unauthorized Code

A set of three serious vulnerabilities has been uncovered in Picklescan, an open source security tool created by Matthieu Maitre, designed to inspect Python pickle files and detect dangerous behavior before any code is executed. These flaws make it possible for attackers to hide harmful commands inside PyTorch models and completely bypass the scanner, posing

Brazil Faces Banking Trojan Spread Through WhatsApp Worm and RelayNFC Relay Fraud

Brazil is facing a growing wave of cyberattacks as the threat actor known as Water Saci rolls out a more advanced infection chain that spreads banking malware through WhatsApp Web and relies on layered delivery techniques using PDF and HTA files. WhatsApp Worm Used to Deliver Banking Trojan Threat analysts from Trend Micro reported that

Active Attacks on WordPress King Addons Flaw Allow Hackers to Create Admin Accounts

A severe security vulnerability affecting the King Addons for Elementor WordPress plugin is currently under active exploitation. The flaw, tracked as CVE-2025-8489 with a CVSS score of 9.8, allows unauthenticated attackers to escalate their privileges by registering directly as administrators. The issue impacts all plugin versions from 24.12.92 up to 51.1.14. The maintainers issued a
