sctocs

North Korean Hackers Abuse JSON Services to Deliver Malware Covertly

Researchers have uncovered that North Korean threat actors behind the Contagious Interview campaign are increasingly leveraging JSON storage services to host and deploy malicious payloads. These platforms allow attackers to operate covertly while blending in with normal traffic. Tactics and Techniques According to NVISO researchers Bart Parys, Stef Collart, and Efstratios Lontzetidis, the actors now […]

Researchers Discover Critical AI Bugs Affecting Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have identified critical remote code execution (RCE) vulnerabilities impacting major AI inference frameworks, including those maintained by Meta, Nvidia, Microsoft, and open-source projects like vLLM and SGLang. These flaws, collectively termed the ShadowMQ pattern, stem from unsafe deserialization of Python objects over ZeroMQ (ZMQ) sockets. Root Cause: Unsafe Deserialization According to Avi Lumelsky

Iranian Hackers Launch SpearSpecter Spy Operation Targeting Defense and Government

A state-backed Iranian cyber espionage group, commonly known as APT42, has been observed conducting a new intelligence collection campaign aimed at individuals and organizations connected to national security. The Israel National Digital Agency (INDA) has named this ongoing operation SpearSpecter after identifying its activity in early September 2025. Highly Targeted Social Engineering Operations INDA

Chinese Hackers Leveraged Anthropic AI Systems to Run Automated Cyber Espionage Operations

A state-sponsored cyber group associated with China carried out an advanced espionage campaign in mid-September 2025 by exploiting Anthropic’s artificial intelligence technology. According to Anthropic, the attackers used AI in a way never seen before, transforming it from a supportive tool into an automated engine that performed cyber attacks on its own. AI

More Than 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Campaign

Cybersecurity experts have uncovered a massive spam and worm-like campaign that has flooded the npm registry with more than 67,000 fake packages since early 2024. This operation appears to be a financially motivated attack designed to exploit the open nature of the npm ecosystem. According to a recent report from Endor Labs researchers Cris Staicu

Fake Chrome Extension Safery Steals Ethereum Wallet Seed Phrases via Sui Blockchain

Cybersecurity researchers have discovered a malicious Chrome extension masquerading as a legitimate Ethereum wallet that secretly steals users’ seed phrases through an advanced blockchain-based exfiltration technique. The extension, named “Safery: Ethereum Wallet,” was falsely promoted as a secure Ethereum wallet for managing cryptocurrency with customizable settings. It was first uploaded to the Chrome Web Store

CISA Warns of Critical WatchGuard Fireware Vulnerability Exposing 54,000 Fireboxes to Unauthenticated Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert, adding a severe vulnerability found in WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, tracked as CVE-2025-9242 with a CVSS score of 9.3, is an out-of-bounds write vulnerability affecting the following Fireware

Google Files Lawsuit Against China-Based Hackers Operating $1 Billion Lighthouse Phishing Network

Google has filed a civil suit in the U.S. District Court for the Southern District of New York against China-based operators of a large Phishing-as-a-Service platform called Lighthouse, alleging the network has ensnared over 1 million victims across 120 countries and generated more than $1 billion in illicit revenue over three years. The complaint seeks

Amazon Uncovers Cyberattacks Exploiting Cisco ISE and Citrix NetScaler Zero-Day Vulnerabilities

Amazon’s threat intelligence division has discovered an ongoing campaign that exploits two critical zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC systems. These flaws are being weaponized by a highly advanced threat actor to deploy custom-built malware aimed at infiltrating enterprise environments. Critical Vulnerabilities Under Attack The attack campaign takes advantage

WhatsApp ‘Maverick’ Malware Hijacks Browser Sessions to Target Brazil’s Biggest Banks

Cybersecurity researchers have uncovered a sophisticated banking malware campaign in Brazil involving a new threat called Maverick, which spreads via WhatsApp and targets banking users by hijacking browser sessions. The campaign shows strong links to a prior malware strain known as Coyote, though Maverick exhibits new propagation and remote control techniques. How Maverick Spreads Maverick
