sctocs

AI Waifu RAT Targets Users With Novel Social Engineering Techniques

A new and highly targeted malware campaign is spreading within niche Large Language Model (LLM) role-playing communities, using advanced social engineering tactics to deliver a dangerous Remote Access Trojan (RAT). Researchers have named the malware “AI Waifu RAT”, which disguises itself as an AI companion enhancement tool promising advanced “meta” interactions between users and their […]


ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Discovery of New Campaign: Cybersecurity experts have identified a fresh phishing operation conducted by the North Korean state-sponsored threat group ScarCruft (APT37). The attackers are using a well-known malware called RokRAT to infiltrate systems and steal sensitive information. Researchers at Seqrite Labs named this campaign Operation HanKook Phantom, noting that the attacks are aimed at


Attackers Abuse Velociraptor Tool to Deploy VS Code for C2 Tunneling

Cybersecurity experts have uncovered a recent attack where unknown adversaries misused Velociraptor, an open-source digital forensic and endpoint monitoring tool, to further their malicious activities. This case highlights the ongoing abuse of legitimate software by threat actors to avoid detection. According to a report by the Sophos Counter Threat Unit Research Team, the attackers utilized


Sogou Zhuyin Update Server Hijacked in Taiwan Espionage Campaign

An abandoned update server once linked to the Sogou Zhuyin Input Method Editor (IME) has been hijacked by threat actors in a large-scale espionage campaign. The attackers exploited the server to distribute multiple malware families including C6DOOR and GTELAM, primarily targeting users across East Asia. According to Trend Micro researchers Nick Dai and Pierre Lee,


Sitecore Exploit Chain Links Cache Poisoning to RCE

New Vulnerabilities in Sitecore Experience Platform: Security researchers from watchTowr Labs have uncovered three critical vulnerabilities in the Sitecore Experience Platform. If exploited, these flaws could allow attackers to perform information disclosure and even achieve remote code execution (RCE) on targeted systems. The reported vulnerabilities include: Sitecore released patches for CVE-2025-53693 and CVE-2025-53691 in June


Weaponized ScreenConnect Delivers Xworm RAT

In a recent Advanced Continual Threat Hunt (ACTH) operation, Trustwave’s SpiderLabs uncovered a stealthy campaign where cybercriminals weaponized ScreenConnect, a legitimate remote management tool, to deliver the Xworm Remote Access Trojan (RAT) through a layered infection chain. By using fake AI-related content and tampered digital certificates, the attackers managed to bypass many Endpoint Detection and


VS Code Flaw Lets Attackers Republish Deleted Extensions

Cybersecurity experts have uncovered a loophole in the Visual Studio Code (VS Code) Marketplace that allows attackers to reuse the names of extensions that were previously removed. The discovery was made by ReversingLabs, a software supply chain security company, after identifying a malicious extension named “ahbanC.shiba”. This extension behaved similarly to two earlier extensions –


Hidden Flaws in Project Tools and How FluentPro Backup Provides the Fix

Every day, countless businesses and project managers rely on platforms like Trello, Asana, Monday.com, and others to manage tasks and collaborate. But what happens when these trusted tools fail? According to a Statista report, the global average cost of a data breach is around $4.88 million. In 2024, the private data of over 15 million


NX Build Tool Hacked to Steal Wallets and Secrets

A new supply-chain attack has compromised the widely used NX build tool, impacting more than 1,400 developers. Security researchers discovered that a malicious post-install script was added, which silently created a GitHub repository named s1ngularity-repository in affected users’ accounts. Inside this repository, attackers stored a base64-encoded dump containing highly sensitive information, including wallet files, API


CISA Guide to Hunt and Defend Against Chinese Hackers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the NSA, FBI, and several international partners, has released a major cybersecurity advisory exposing a global espionage campaign conducted by state-sponsored hackers from the People’s Republic of China (PRC). These operations are targeting critical infrastructure networks around the world. The 37-page document, “Countering Chinese
