sctocs

GPT-5 Jailbreak and Zero-Click AI Agent Exploits Threaten Cloud and IoT Security

Cybersecurity researchers have revealed a new jailbreak method targeting OpenAI’s GPT-5 language model, enabling it to bypass ethical safeguards and produce harmful instructions. The method, developed by NeuralTrust, combines a known exploit called Echo Chamber with a narrative-driven approach to manipulate the AI’s responses. By seeding the conversation with subtle cues and reinforcing them through storytelling, attackers […]

GPT-5 Jailbreak and Zero-Click AI Agent Exploits Threaten Cloud and IoT Security Read More »

Cisco Reports CRM Data Breach From Vishing Attack, No Sensitive Data Exposed

Cisco has confirmed a security breach involving a third-party cloud-based Customer Relationship Management (CRM) system. This breach exposed limited profile details of users registered on Cisco.com, such as names, email addresses, and phone numbers. The incident came to light on July 24, 2025, when a vishing (voice phishing) attack targeted one of Cisco’s representatives. This

Cisco Reports CRM Data Breach From Vishing Attack, No Sensitive Data Exposed Read More »

CISA Issues Alert on Actively Exploited D-Link Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three critical D-Link vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming they are being actively exploited in real-world cyberattacks. These vulnerabilities pose serious risks to both federal and non-federal networks by exposing IP cameras and video recorders to remote exploitation.

CISA Issues Alert on Actively Exploited D-Link Vulnerabilities Read More »

Microsoft Launches Zero-Day Quest Hacking Contest With $5 Million in Rewards

Microsoft Relaunches Zero Day Quest With $5 Million in Bounties for Critical AI and Cloud Vulnerabilities Microsoft has officially reintroduced its industry-shaping Zero Day Quest, the largest public hacking event in cybersecurity history, now offering up to $5 million in bounties for impactful vulnerability discoveries across its critical platforms. This year’s initiative builds upon last

Microsoft Launches Zero-Day Quest Hacking Contest With $5 Million in Rewards Read More »

Cyber Attacks on AI Infrastructure Surge as Critical Vulnerabilities Are Exposed

In a troubling new development, cybercriminals are increasingly targeting the core infrastructure behind artificial intelligence, including GPU clusters, model-serving gateways, and training pipelines used in large language model (LLM) deployments. Over the past six months, a new malware family dubbed “ShadowInit” has been observed in attacks focused not just on GPU resources but on stealing

Cyber Attacks on AI Infrastructure Surge as Critical Vulnerabilities Are Exposed Read More »

ClickTok Campaign Uses 10,000+ Malicious Domains to Target TikTok Shop Users

A new large-scale cybercrime operation known as ClickTok has surfaced, aiming at TikTok Shop users through a complex mix of phishing and malware distribution. Security researchers have discovered over 10,000 malicious domains involved in stealing login credentials and deploying spyware. The campaign marks a significant rise in e-commerce cyberattacks, leveraging the popularity of TikTok’s in-app

ClickTok Campaign Uses 10,000+ Malicious Domains to Target TikTok Shop Users Read More »

APT36 Hackers Target Indian Government to Steal Login Credentials

A new phishing campaign linked to Pakistan-based APT36 has been identified as a significant threat to Indian government systems. First discovered in August 2025, this operation uses typo-squatted domains to mimic official Indian login portals. When users enter their email credentials, they are redirected to fake pages that closely resemble the National Informatics Centre’s Kavach authentication system.

APT36 Hackers Target Indian Government to Steal Login Credentials Read More »

ClickFix Malware Uses CAPTCHA Tricks to Launch Cross-Platform Attacks

A clever blend of social engineering, stealthy delivery, and technical evasion has made ClickFix one of the fastest-growing malware tactics in recent cybersecurity history, according to a report by Guardio Labs. “Just like a real-world virus variant, ClickFix quickly outpaced the infamous fake browser update scam,” said researcher Shaked Chen, sharing the findings with The Hacker

ClickFix Malware Uses CAPTCHA Tricks to Launch Cross-Platform Attacks Read More »

SonicWall Probes Ransomware Attacks Exploiting Suspected 0-Day Vulnerability.

SonicWall is currently examining a series of cyber incidents involving ransomware, believed to be exploiting a zero-day vulnerability in its firewall devices. These attacks reportedly bypass multi-factor authentication (MFA) and deploy ransomware, suggesting the exploitation of an unknown flaw. On Monday, SonicWall confirmed that it is investigating this surge in ransomware activity, particularly affecting Gen

SonicWall Probes Ransomware Attacks Exploiting Suspected 0-Day Vulnerability. Read More »

SafePay Ransomware Leverages RDP and VPN for Intruding Into Organizations Network

SafePay Ransomware Emerges as a Major Cybersecurity Threat A dangerous new ransomware group has risen to prominence, becoming one of the most formidable threats in today’s cybersecurity landscape. Known for its rapid development and advanced attack strategies, SafePay ransomware is quickly gaining notoriety. First identified in 2024, SafePay has evolved from an obscure threat into

SafePay Ransomware Leverages RDP and VPN for Intruding Into Organizations Network Read More »