sctocs

TeamPCP Compromises Checkmarx GitHub Actions Using Stolen CI Credentials

Security researchers have reported that the cloud-native cybercriminal group TeamPCP has expanded its supply chain operations by targeting Checkmarx GitHub Actions workflows. This latest activity follows their notorious compromise of the Trivy vulnerability scanner and associated GitHub Actions. The compromised workflows include: How the Attack Works According to cloud security firm Sysdig, the attackers used a […]

U.S. Sentences Russian Hacker to 6.75 Years in Prison for $9M Ransomware Scheme

A U.S. federal court has sentenced a 26-year-old Russian national, Aleksei Olegovich Volkov, to 6.75 years in prison for his involvement in facilitating ransomware attacks that caused millions in damages. The case highlights the growing role of cybercrime networks and initial access brokers in enabling large-scale ransomware operations targeting organizations worldwide. Key Role in Ransomware Attacks

Citrix Urges Immediate Patching of Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

Citrix has released critical security updates to address serious vulnerabilities in its NetScaler ADC and NetScaler Gateway products, warning organizations about the potential risk of sensitive data exposure. The update includes fixes for two security flaws, one of which could allow attackers to access sensitive information without authentication, raising concerns across enterprise environments. Critical Vulnerability

North Korean Hackers Exploit VS Code Auto Run Tasks to Deploy StoatWaffle Malware

Cybersecurity experts have identified a sophisticated campaign by North Korean threat actors, tracked as WaterPlum, deploying a modular malware family known as StoatWaffle through malicious Microsoft Visual Studio Code (VS Code) projects. The campaign, dubbed Contagious Interview, targets developers and cryptocurrency professionals with social engineering tactics. Auto-Execution via VS Code Tasks The attackers leverage the tasks.json file

Microsoft Warns IRS Phishing Campaign Hits 29,000 Users and Deploys RMM Malware

Microsoft has issued a warning about a surge in phishing attacks exploiting the U.S. tax season, with cybercriminals targeting tens of thousands of users to steal sensitive data and deploy remote access malware. According to recent threat intelligence findings, attackers are leveraging tax-related themes to trick victims into engaging with malicious emails. These messages often

Trivy Hack Spreads Infostealer via Docker and Triggers Worm Alongside Kubernetes Wiper

A major cybersecurity incident involving the widely used Trivy vulnerability scanner has expanded significantly, with malicious components spreading across Docker environments and cloud-native infrastructures. Security researchers have confirmed that compromised versions of Trivy were distributed via Docker Hub, exposing developers and organizations to serious threats. This incident highlights the growing impact of software supply chain

Hackers Exploit CVE-2025-32975 CVSS 10.0 to Take Over Unpatched Quest KACE SMA Systems

Cybersecurity researchers have identified active exploitation of a critical security flaw affecting Quest KACE Systems Management Appliance (SMA), raising serious concerns for organizations relying on the platform. According to recent findings from Arctic Wolf, suspicious activity linked to this vulnerability began emerging during the week of March 9, 2026. The attacks specifically target SMA systems

FBI Warns of Russian Hackers Targeting Signal and WhatsApp in Large Scale Phishing Attacks

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about ongoing phishing attacks carried out by Russian-aligned threat actors. These campaigns are targeting widely used messaging platforms such as WhatsApp and Signal to compromise high-value individuals. Who Is Being Targeted The attacks primarily focus on individuals

Oracle Fixes Critical CVE-2026-21992 Allowing Unauthenticated Remote Code Execution in Identity Manager

Oracle Corporation has released urgent security updates to address a severe vulnerability affecting Oracle Identity Manager and Oracle Web Services Manager. The flaw, tracked as CVE-2026-21992, allows unauthenticated attackers to execute arbitrary code remotely, making it a high-risk security issue. Severity and Impact This vulnerability has been assigned a CVSS score of 9.8 out of

CISA Adds Apple, Craft CMS, and Laravel Vulnerabilities to KEV and Urges Patching by April 3, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The agency has directed federal organizations to apply security patches by April 3, 2026, to reduce the risk of ongoing attacks. Affected Vulnerabilities Across Apple and Web Platforms The newly listed vulnerabilities affect systems
