sctocs

Google Chrome RCE Flaw Disclosed, Exploit Code Published

Researchers have published full technical details and proof-of-concept exploit code for a critical remote code execution (RCE) vulnerability in Google Chrome’s V8 JavaScript engine. The bug stems from a WebAssembly type canonicalization regression that creates nullability confusion, and a separate JavaScript Promise Integration (JSPI) state-switching weakness that enables a novel sandbox bypass. This article explains […]


Chinese Cybercrime Gang Operates Worldwide SEO Fraud Scheme Through Hacked IIS Servers

A new cybersecurity investigation has revealed a large-scale cyber fraud operation linked to a Chinese-speaking group named UAT-8099. This group is reportedly involved in SEO manipulation, data theft, and unauthorized access to systems via compromised Microsoft IIS servers. The attackers primarily target regions like India, Thailand, Vietnam, Canada, and Brazil, with victims including universities, tech


Fresh Report Connects BIETA and CIII Research Firms to China’s MSS Cyber Activities

A new intelligence report has revealed connections between two Chinese research firms, the Beijing Institute of Electronics Technology and Application (BIETA) and its subsidiary Beijing Sanxin Times Technology Co., Ltd. (CIII), and China’s Ministry of State Security (MSS). According to cybersecurity firm Recorded Future, BIETA appears to be managed or influenced by the MSS based


PoC Released for Sudo Vulnerability Allowing Attackers to Gain Root Access

A public proof-of-concept (PoC) has been published for CVE-2025-32463, a local privilege escalation flaw in the Sudo utility that can allow a local attacker to gain root privileges under certain configurations. Security researcher Rich Mirch discovered the issue, and a working exploit plus usage instructions are available in an open GitHub repository, increasing the pressure


Oracle Issues Urgent Patch for CVE-2025-61882 Exploited by Cl0p in Data Theft Attacks

Oracle has released an emergency patch to address a serious security vulnerability in its E-Business Suite. The flaw, identified as CVE-2025-61882 with a CVSS score of 9.8, has already been actively exploited in data theft campaigns carried out by the Cl0p ransomware group. Details of the Vulnerability The issue lies in the Oracle Concurrent Processing


Detour Dog Exposed for Operating DNS-Based Malware Factory Linked to Strela Stealer

A cybercriminal known as Detour Dog has been exposed as the operator behind large-scale DNS-powered malware campaigns that distribute Strela Stealer, an information-stealing malware. Security researchers from Infoblox have traced the attacker’s infrastructure, revealing how it fuels the spread of a backdoor named StarFish, which acts as the entry point for Strela Stealer infections. Background


Researchers Alert on SORVEPOTEL, a Self-Spreading Malware Targeting WhatsApp Users

A newly discovered malware campaign is targeting WhatsApp users in Brazil, spreading rapidly through phishing techniques. The malware, named SORVEPOTEL by Trend Micro researchers, is designed for fast propagation rather than data theft or ransomware. The attack begins when compromised WhatsApp accounts send phishing messages containing malicious ZIP file attachments. These files often appear as


CISA Warns Meteobridge CVE-2025-4008 Vulnerability Is Actively Exploited

Security firm ONEKEY, which discovered and reported the flaw in February 2025, explained that the Meteobridge web application, built using CGI shell scripts and C, exposes a script called template.cgi through the /cgi-bin/template.cgi directory. This script’s insecure use of eval makes it possible for attackers to inject malicious commands through specially crafted requests. For instance,


New “Cavalry Werewolf” Attack Targets Russian Agencies With FoalShell and StallionRAT

A threat actor, tracked by security researchers as Cavalry Werewolf, has been observed targeting Russian government organisations and critical industry networks, using malware families known as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE links this cluster to multiple other tracked groups, including SturgeonPhisher, Silent Lynx, Comrade Saiga, ShadowSilk, and Tomiris, which suggests overlapping toolsets and tactics.


Confucius Hackers Target Pakistan With WooperStealer and Anondoor Malware

A persistent threat actor known as Confucius has been linked to a fresh phishing campaign focused on Pakistan, deploying information stealers and, more recently, a Python-based backdoor. Security firms have observed the group using malware families such as WooperStealer and Anondoor to harvest sensitive data and to establish longer-term access on compromised systems. Background and
