sctocs

Chrome extension exposed for adding secret Solana transfer fees to Raydium swaps

Cybersecurity analysts have identified a malicious Chrome extension that secretly adds an unauthorized Solana transfer during Raydium swap transactions and redirects the funds to a cryptocurrency wallet controlled by an attacker. The extension, called Crypto Copilot, was released by a user known as “sjclark76” on May 7, 2024. It is marketed as a tool that […]


FBI reports $262M in ATO fraud as AI phishing and holiday scams

The U.S. Federal Bureau of Investigation (FBI) has issued a new security alert, stating that cybercriminals are increasingly impersonating financial institutions to steal money and confidential information. These activities are directly linked to a major rise in account takeover fraud, a type of cybercrime that has already caused losses exceeding two hundred sixty two million


Years of leaks from JSONFormatter and CodeBeautify have exposed thousands of passwords and API keys, creating major security risks

A new investigation has uncovered that sensitive credentials from governments, telecoms, financial institutions, and critical infrastructure have been unintentionally exposed through popular online code formatting tools such as JSONFormatter and CodeBeautify. These websites, commonly used to validate or beautify JSON and other code snippets, have become unintended repositories of private information due to users pasting


JackFix spreads multiple stealers via fake Windows Update pop-ups on adult sites

A newly uncovered malware campaign is exploiting adult-themed phishing sites and deceptive ClickFix-style lures to trick users into executing malicious Windows commands disguised as urgent security updates. Cybersecurity researchers from Acronis have identified the activity, warning that the threat actors are using highly convincing fake Windows update screens to distribute multiple information stealers.


ToddyCat’s new tools steal Outlook emails and Microsoft 365 tokens, threatening users and organizations.

The threat group known as ToddyCat has introduced new techniques designed to infiltrate corporate email systems and extract sensitive data from targeted organizations. According to a technical report by Kaspersky, the group is now using a custom tool called TCSectorCopy to obtain access to Microsoft Outlook data and OAuth 2.0 tokens. Kaspersky noted that this


Hackers use Blender 3D assets to spread StealC V2 malware, threatening creators and users

Cybersecurity analysts have uncovered a new threat campaign in which attackers are weaponizing Blender Foundation files to distribute an upgraded version of the StealC information stealer, known as StealC V2. The activity has been ongoing for at least six months, according to Morphisec researcher Shmuel Uzan, who reported that malicious .blend files were discovered on


CISA Alerts on Active Spyware Campaigns Targeting High Value Signal and WhatsApp Users

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that multiple threat groups are conducting active spyware operations aimed at users of secure messaging platforms, particularly Signal and WhatsApp. The agency said attackers are deploying commercial spyware and remote access trojans to breach mobile devices through targeted social engineering


ShadowPad Malware Exploits a WSUS Vulnerability to Gain Full System Access

A recently addressed security flaw in Microsoft Windows Server Update Services, also known as WSUS, is being actively abused by attackers to deploy the advanced ShadowPad malware. According to a report from the AhnLab Security Intelligence Center, the threat actors used CVE-2025-59287 as the initial entry point into targeted Windows servers. Attackers Use


Chinese DeepSeek R1 AI Produces Insecure Code When Prompts Reference Tibet or Uyghurs

A new investigation by CrowdStrike has uncovered that DeepSeek R1, a reasoning model developed by the Chinese company DeepSeek, generates significantly more insecure code when prompts include topics considered politically sensitive by China. The researchers noted that the model introduces severe security flaws up to fifty percent more frequently whenever such trigger terms appear. Sensitive


New Fluent Bit Vulnerabilities Expose Cloud Systems to RCE and Stealthy Infrastructure Intrusions

Cybersecurity analysts have identified five significant vulnerabilities in Fluent Bit, a widely used open source telemetry agent. These flaws can be combined to compromise cloud environments and potentially give attackers full control over infrastructure. Oligo Security shared the findings, noting that the weaknesses allow authentication bypass, path traversal, remote code execution, service disruption, and tag
