sctocs

DeepLoad Malware

DeepLoad Malware Leverages ClickFix and WMI Persistence to Steal Browser Credentials

Cybersecurity researchers have identified a newly emerging malware campaign distributing a previously undocumented loader called DeepLoad, leveraging ClickFix social engineering techniques to infect systems and steal sensitive data. ClickFix Lure Initiates the Attack Chain The infection begins with a deceptive ClickFix prompt that convinces users to execute a PowerShell command manually. Victims are instructed to […]

DeepLoad Malware Leverages ClickFix and WMI Persistence to Steal Browser Credentials Read More »

Russian CTRL Toolkit Uses Malicious LNK Files to Hijack RDP Through FRP Tunnels

Cybersecurity researchers have uncovered a sophisticated Russian-origin remote access toolkit called CTRL, which is distributed through malicious Windows shortcut (LNK) files disguised as private key folders. The toolkit enables credential theft, keylogging, and RDP session hijacking, while using Fast Reverse Proxy (FRP) tunnels to maintain stealthy command and control (C2). Multi-Stage Deployment According to Censys Censys, the

Russian CTRL Toolkit Uses Malicious LNK Files to Hijack RDP Through FRP Tunnels Read More »

Three China-Linked Threat Clusters Launch Coordinated Cyber Campaign Against Southeast Asian Government in 2025

A coordinated cyber espionage campaign involving three China-aligned threat clusters has targeted a Southeast Asian government organization throughout 2025, deploying sophisticated malware and backdoor tools. Multiple Threat Clusters Identified The activity has been traced to the following clusters: Palo Alto Networks Unit 42 researchers Palo Alto Networks Unit 42 noted, “The overlapping tactics, techniques, and procedures suggest

Three China-Linked Threat Clusters Launch Coordinated Cyber Campaign Against Southeast Asian Government in 2025 Read More »

Iran-Linked Hackers Compromise FBI Director’s Personal Email, Launch Wiper Attack on Stryker

A cyber espionage campaign linked to Iran has compromised the personal email account of Kash Patel, while also targeting major U.S. healthcare firm Stryker in a destructive cyberattack. FBI Director’s Personal Emails Leaked Online The breach was claimed by the hacktivist group Handala Hack, which published a collection of emails, photos, and documents allegedly belonging to the FBI

Iran-Linked Hackers Compromise FBI Director’s Personal Email, Launch Wiper Attack on Stryker Read More »

Citrix NetScaler Faces Active Reconnaissance for CVE-2026-3055 High-Severity Memory Overread Vulnerability

A newly disclosed high-risk vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway is already drawing attention from threat actors, with security firms reporting active reconnaissance activity targeting exposed systems. Critical Memory Overread Vulnerability Identified The flaw, tracked as CVE-2026-3055, has been assigned a CVSS score of 9.3, highlighting its severity. This issue stems from improper input

Citrix NetScaler Faces Active Reconnaissance for CVE-2026-3055 High-Severity Memory Overread Vulnerability Read More »

CISA Adds CVE-2025-53521 to KEV List Following Active Exploitation of F5 BIG-IP APM

The U.S. cybersecurity authority, Cybersecurity and Infrastructure Security Agency (CISA), has officially added a high-severity vulnerability affecting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog after confirming real-world attacks. Critical Vulnerability Escalates to Remote Code Execution The flaw, tracked as CVE-2025-53521, carries a CVSS v4 score of 9.3 and allows attackers to

CISA Adds CVE-2025-53521 to KEV List Following Active Exploitation of F5 BIG-IP APM Read More »

TeamPCP Distributes Malicious Telnyx Packages on PyPI, Conceals Data Stealer Inside WAV Files

A new software supply chain attack has been uncovered involving TeamPCP, the same threat group previously linked to compromises of Trivy, KICS, and litellm. This time, the attackers targeted the widely used Telnyx Python package by uploading malicious versions to the Python Package Index (PyPI). Malicious Versions Disguised as Legitimate Updates Security researchers revealed that

TeamPCP Distributes Malicious Telnyx Packages on PyPI, Conceals Data Stealer Inside WAV Files Read More »

AitM Phishing Attack Targets TikTok Business Accounts by Bypassing Cloudflare Turnstile Security

Cybersecurity researchers have uncovered a sophisticated phishing campaign designed to compromise TikTok for Business accounts using advanced adversary-in-the-middle (AitM) techniques. The operation, identified by Push Security, highlights how attackers are evolving their tactics to bypass modern security defenses. Business Accounts Become High-Value Targets Accounts linked to social media platforms are increasingly attractive to cybercriminals. Once compromised,

AitM Phishing Attack Targets TikTok Business Accounts by Bypassing Cloudflare Turnstile Security Read More »

Bearlyfy Targets Russian Firms with Custom GenieLocker Ransomware

A pro-Ukraine hacking group has intensified its cyber operations against Russian businesses, deploying a newly developed ransomware strain to maximize disruption and financial gain. The group, known as Bearlyfy, has rapidly evolved into a serious threat actor since emerging in early 2025. Rapid Rise of a Dual-Purpose Threat Actor Since its appearance, Bearlyfy has been linked

Bearlyfy Targets Russian Firms with Custom GenieLocker Ransomware Read More »

Critical Flaws in LangChain and LangGraph Expose Files, Secrets, and Databases

Security researchers have uncovered serious vulnerabilities in widely used artificial intelligence frameworks, exposing enterprise systems to potential data breaches. The affected platforms, LangChain and LangGraph, are commonly used to build applications powered by large language models, making the impact both widespread and significant. Massive Adoption Increases Risk Exposure Both frameworks are deeply embedded in modern AI development environments.

Critical Flaws in LangChain and LangGraph Expose Files, Secrets, and Databases Read More »