
US Sanctions Garantex, Grinex Over $100M Crypto Ties

U.S. Targets Garantex and Grinex for Over $100 Million in Ransomware-Linked Crypto Transactions

The United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) has renewed sanctions on the Russian cryptocurrency exchange Garantex, accusing it of processing over $100 million in transactions tied to ransomware groups and other cybercriminal activities since 2019. The […]


Hackers Use YouTube Download Sites to Spread Proxyware

YouTube Proxyjacking Campaign Exploits Fake Video Download Sites

Cybercriminals have intensified their proxyjacking campaigns by targeting users of YouTube video download services, according to recent security research. This attack exploits fake YouTube-to-MP4 conversion websites to distribute proxyware malware, focusing on users seeking free online video conversion tools. The campaign reflects a major evolution in bandwidth


AI Fuels New Trends in Phishing Attacks

AI-Powered Phishing and Scams Transforming the Cybersecurity Landscape

The cybersecurity landscape is undergoing a major shift as artificial intelligence becomes a powerful tool for cybercriminals, reshaping traditional phishing and scam tactics. Unlike earlier phishing campaigns, which often contained obvious errors and warning signs, modern AI-driven attacks are sophisticated and challenging even for vigilant users to


Splunk Guide Helps Detect ESXi Ransomware Activity

Splunk has released a specialized security guide designed to help cybersecurity teams detect and prevent ransomware attacks targeting VMware ESXi infrastructure before significant damage occurs. This release comes amid rising cyber threats against ESXi hypervisor systems, which have become prime ransomware targets due to their centralized role in virtualization and the lack of sufficient monitoring


SmartLoader Malware Spreads via Fake GitHub Projects

Cybersecurity researchers have identified a highly sophisticated malware distribution campaign that uses GitHub repositories disguised as legitimate software projects to infiltrate systems globally. The operation leverages GitHub’s reputation as a trusted code-sharing platform, deploying SmartLoader malware across multiple repositories to target unsuspecting users.

Targeting Gaming and Software Enthusiasts

The malicious campaign specifically focuses on individuals


Canada House of Commons Hit by Microsoft Exploit

On August 9, 2025, the Canadian House of Commons experienced a cyberattack in which threat actors exploited a recently disclosed Microsoft vulnerability to gain unauthorized access to sensitive employee data. The incident highlights the persistent cybersecurity challenges facing Canadian government institutions amid a rapidly escalating global threat landscape.

Details of the Breach

According to an


Hackers Use Phishlet for FIDO Downgrade Attacks

FIDO Passkeys Face New Downgrade Attack Threat

A new and highly sophisticated cyber threat has surfaced, targeting one of the most trusted authentication technologies in modern cybersecurity. FIDO-based passkeys, widely regarded as the gold standard for phishing-resistant authentication, are now vulnerable to an advanced downgrade attack. This technique forces users to abandon strong FIDO authentication


Global Brute-Force Hits Fortinet SSL VPNs Before Shift

Cybersecurity researchers have reported a sharp increase in brute-force traffic targeting Fortinet SSL VPN devices, raising concerns over a possible build-up to a broader exploitation campaign. According to threat intelligence firm GreyNoise, the coordinated activity was first detected on August 3, 2025, involving more than 780 unique malicious IP addresses. Within the past 24 hours


Researchers Discover XZ Utils Backdoor in Dozens of Docker Hub Images, Increasing Supply Chain Risks

Security researchers have discovered dozens of Docker Hub images infected with the notorious XZ Utils backdoor, more than a year after the incident was first revealed. Even more concerning, several other images have been built on top of these compromised base images, spreading the backdoor indirectly across the Docker ecosystem, according to a Binarly Research
