sctocs

New Cephalus Ransomware Uses RDP for Initial Access

A newly discovered ransomware family named Cephalus has emerged as a serious cyber threat, infiltrating organizations by exploiting compromised Remote Desktop Protocol (RDP) credentials that lack multi-factor authentication (MFA). The ransomware’s name comes from Greek mythology, referencing Cephalus, the son of Hermes, who accidentally killed his wife with an infallible javelin. This symbolism underscores the […]

Critical Chrome Use After Free Vulnerability Enables Arbitrary Code Execution

Google has released an urgent security update for Chrome to fix a critical use-after-free (UAF) vulnerability (CVE-2025-9478) found in the ANGLE graphics library. This flaw could allow attackers to execute arbitrary code and potentially take over affected systems. The issue impacts Chrome versions earlier than 139.0.7258.154/.155 across Windows, macOS, and Linux. Discovery and Severity The

Salesloft and Drift Breach Used to Steal OAuth Tokens from Salesforce

A highly advanced cyber campaign has compromised corporate Salesforce environments by abusing OAuth tokens linked to the Salesloft Drift third-party application. The incident resulted in large-scale exposure of sensitive information across several organizations. The campaign, attributed to UNC6395, was active between August 8 and August 18, 2025, and showed a high level of operational security

China-Based Threat Group Mustang Panda Tactics and Techniques Exposed

China-based Advanced Persistent Threat (APT) group Mustang Panda has established itself as one of the most sophisticated cyber espionage actors active in the global threat landscape. Active since at least 2014, the group has consistently expanded its operations and capabilities, targeting organizations in both government and non-government sectors. Global Targeting and Spear-Phishing Operations Mustang Panda

Securden Unified PAM Flaw Allows Attackers to Bypass Authentication

Cybersecurity experts have identified a severe security vulnerability in Securden Unified PAM, allowing attackers to fully bypass authentication and gain unauthorized access to sensitive credentials and system functions. The flaw, tracked as CVE-2025-53118 with a CVSS score of 9.4, is one of four major issues discovered in the privileged access management (PAM) platform that could

Hook Android Banking Malware Adds Advanced Features, Supports 107 Remote Commands

A newly discovered variant of the Hook Android banking trojan has surfaced with extraordinary capabilities, placing it among the most powerful mobile malware strains identified so far. Evolution of Hook Trojan The latest build, called Hook Version 3, marks a major advancement in Android malware technology. It introduces a massive toolkit of 107 remote commands,

Citrix Fixes NetScaler Vulnerabilities, CVE-2025-7775 Actively Exploited

Citrix has rolled out critical security updates to fix three vulnerabilities affecting NetScaler ADC and NetScaler Gateway. Among them, one flaw is already being actively exploited in real-world attacks, according to the company. Overview of the Vulnerabilities Citrix confirmed that CVE-2025-7775 has been exploited on unpatched appliances but did not disclose further technical details. Exploitation

Sni5Gect Attack Forces 5G Phones to Crash and Downgrade to 4G Without Rogue Base Station

A team of researchers has introduced a groundbreaking cyberattack technique capable of crashing 5G-enabled devices and downgrading their connectivity to 4G, all without the need for a rogue base station. What is Sni5Gect? The attack, developed by the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), makes use

MixShell Malware Uses Contact Forms to Target U.S. Supply Chain Manufacturers

Cybersecurity experts have uncovered a highly sophisticated social engineering campaign that is deploying MixShell, a stealthy in-memory malware, against key manufacturing companies vital to the global supply chain. This malicious operation, tracked by Check Point Research under the name ZipLine, takes an unusual approach to infiltration. A Shift from Traditional Phishing Instead of relying on

ShadowCaptcha Malware Targets WordPress Sites to Deliver Ransomware, Stealers, and Miners

Large-Scale Attack Campaign A newly identified cyber campaign, codenamed ShadowCaptcha, has compromised more than 100 WordPress websites to redirect visitors toward fake CAPTCHA verification pages. These pages use the ClickFix social engineering technique to deliver information stealers, ransomware, and cryptocurrency miners. The operation, first discovered in August 2025 by the Israel National Digital Agency, highlights
