sctocs

China-Linked Hackers Exploit New VMware Zero-Day Active Since October 2024

A critical security flaw in Broadcom VMware Tools and VMware Aria Operations has been actively exploited since October 2024. According to cybersecurity researchers at NVISO Labs, the attacks are linked to a China-based hacking group tracked as UNC5174 (also known as Uteus or Uetus). The bug, identified as CVE-2025-41244 with a CVSS score of 7.8, […]


Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft has officially announced a major expansion of its Sentinel Security Information and Event Management (SIEM) solution, transforming it into a unified agentic security platform. At the core of this update is the general availability of the Sentinel data lake, designed to provide enterprises with advanced capabilities for managing and analyzing security data. In addition


Researchers Reveal Google Gemini AI Flaws Enabling Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed a trio of now-patched vulnerabilities, collectively called the Gemini Trifecta, that impacted Google’s Gemini AI suite. If exploited, these flaws could have exposed users to privacy breaches and data theft by turning AI features into attack vectors rather than just targets. The findings underscore a worrying trend, where sophisticated threat actors,


Phantom Taurus, a China-Linked Hacker Group, Targets Governments With Stealth Malware

Over the past two and a half years, a China-linked, state-aligned cyber espionage group, known as Phantom Taurus, has been observed targeting government and telecommunications organizations across Africa, the Middle East, and Asia. The group focuses on intelligence collection, aiming to obtain sensitive diplomatic and defense-related data, often aligning its operations with major geopolitical events


$50 Battering RAM Attack Breaks Intel, AMD Cloud Security Protections

The researchers describe a simple interposer, which can be assembled for about $50, that sits between the processor and the DDR4 memory modules. During system start, the interposer remains transparent and passes all integrity and trust checks. At runtime, however, the device can be flipped into an active mode, where it stealthily remaps physical addresses


EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors are exploiting the popularity of artificial intelligence (AI) by embedding malware into fake productivity and AI-enhanced tools, according to a recent Trend Micro report. This campaign, known as EvilAI, is targeting organizations worldwide across regions such as Europe, the Americas, and the Asia, Middle East, and Africa (AMEA) region. Global Impact and Targeted


Data Center Fire Knocks 600+ South Korean Government Websites Offline

A lithium-ion battery explosion at a major government data center in South Korea has disrupted more than 600 critical services, underscoring the risks of centralizing vital digital infrastructure. The fire broke out Friday night at the National Information Resources Service (NIRS) facility in Daejeon. According to officials, a disconnected battery exploded during relocation work around


Threat Actors Exploit Dynamic DNS Providers for Malicious Activities

Cybersecurity experts are sounding the alarm over a rising threat vector, as malicious actors increasingly exploit Dynamic DNS (DDNS) providers to create resilient command and control (C2) infrastructure. These subdomain rental services, originally intended for legitimate hosting purposes, have become a preferred tool for cybercriminals seeking to bypass traditional security defenses and regulatory oversight. The


SVG Files Weaponized to Deliver PureMiner, Steal Sensitive Information

A recent phishing campaign targeting Ukrainian organizations abuses Scalable Vector Graphics (SVG) files as the initial infection vector. The attackers use embedded HTML, spoofed interfaces, and chained fileless stages to deliver two payloads, PureMiner and Amatera Stealer. The campaign relies on user deception, legitimate tools, and memory-only execution to evade detection and harvest credentials, browser


Researchers Reveal Phishing Campaigns Distributing CountLoader and PureRAT

Researchers have uncovered a new phishing campaign that impersonates Ukrainian government organizations to distribute CountLoader, which subsequently delivers Amatera Stealer and PureMiner. According to Fortinet FortiGuard Labs researcher Yurren Wan, “The phishing emails carry malicious Scalable Vector Graphics (SVG) files designed to deceive recipients into opening dangerous attachments.” In the attack scenarios analyzed by cybersecurity
