
‘QuirkyLoader’ Malware Distributes Infostealers and RATs

A sophisticated malware loader known as QuirkyLoader has emerged as a serious cyber threat, actively spreading prominent infostealers and remote access trojans (RATs) since November 2024. This malware stands out due to its ability to deliver multiple types of malicious payloads, including Agent Tesla, AsyncRAT, FormBook, MassLogger, Remcos, Rhadamanthys, and Snake Keylogger, making it a […]

Blue Report 2025: Weak Passwords and Compromised Accounts Findings

Security professionals often focus on countering the latest sophisticated attack methods. However, the most damaging breaches frequently stem not from cutting-edge exploits, but from compromised accounts and cracked credentials. Despite widespread awareness, Picus Security’s Blue Report 2025 reveals that many organizations still struggle to prevent password attacks and detect malicious activity using stolen credentials. A

Microsoft VS Code Remote-SSH Extension Exploited to Run Malicious Code

A severe security flaw has been identified in Microsoft’s VS Code Remote-SSH extension, enabling attackers to execute malicious code on a developer’s local machine by abusing compromised remote servers. Security experts have demonstrated this exploit, named “Vibe Hacking”, which takes advantage of the trusted link between remote development environments and local systems. The issue impacts

Critical Apache Tika PDF Parser Flaw Exposes Sensitive Data

A newly discovered security flaw in Apache Tika’s PDF parser module poses a serious threat to enterprise environments. The vulnerability, tracked as CVE-2025-54988, has been rated critical by security researchers because it enables attackers to steal sensitive data and send malicious requests to internal systems.

Key Points

XXE Vulnerability Explained

The vulnerability arises from an

Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial Configs

A Russian state-backed cyber espionage group known as Static Tundra has been exploiting a seven-year-old flaw in Cisco networking devices to steal sensitive configuration data and maintain hidden access across critical infrastructure networks. This group, tied to Russia’s Federal Security Service (FSB) Center 16, has been targeting outdated and unpatched devices since 2015. Their operations

CISA Issues Four ICS Advisories on Vulnerabilities and Exploits

On August 19, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released four detailed Industrial Control Systems (ICS) advisories, warning of serious security flaws in critical infrastructure sectors such as energy and manufacturing. The reported issues carry CVSS severity scores between 5.8 and 9.8, highlighting the urgent need for action from administrators and security teams.

Scattered Spider Hacker Sentenced to 10 Years for $13M SIM Swapping Crypto Theft

A 20-year-old member of the cybercrime gang Scattered Spider has been sentenced to 10 years in U.S. federal prison for his involvement in a series of major hacking campaigns and cryptocurrency theft operations.

Sentencing Details

Noah Michael Urban pleaded guilty in April 2025 to charges of wire fraud and aggravated identity theft, according to reports from Bloomberg and

Hackers Exploit ADFS and Office.com to Steal Microsoft 365 Credentials

A new and highly deceptive phishing campaign is targeting Microsoft 365 accounts by abusing Microsoft’s own Active Directory Federation Services (ADFS). The attackers redirect users from legitimate office.com links to malicious login pages, making the scam exceptionally hard to detect.

Evolution of Phishing Attacks

Researchers at cybersecurity firm Push Security revealed this tactic, describing it

RingReaper Malware Targets Linux Servers, Evades EDR

A newly discovered malware called RingReaper is actively targeting Linux servers, raising serious concerns due to its advanced evasion strategies that undermine traditional endpoint detection and response (EDR) solutions.

How RingReaper Operates

RingReaper functions as a post-exploitation agent that takes advantage of the Linux kernel’s io_uring interface, a modern asynchronous I/O system designed for high-performance

Threat Actors Use GenAI to Craft Realistic Phishing Content

Cybercriminals are increasingly taking advantage of generative AI platforms to create advanced phishing campaigns that are much harder for traditional security systems to detect. The rapid growth of GenAI services has built an environment where attackers can easily generate realistic phishing emails, mimic trusted organizations, and scale attacks with very little technical skill required. Modern
