SCtoCS

APT28 Targeted European Organizations With Webhook Based Macro Malware - SCtoCS APT28 targeted European entities using webhook based macro malware, highlighting ongoing cyber espionage efforts across the region.

APT28 is using webhook-based macro malware to target European organizations via malicious Office docs that connect back to control servers. Be cautious with attachments!
👉 sctocs.com/apt28-europe...

#Cybersecurity
#sctocs
#APT28
#malware
#ThreatAlert

CISA Warns Recently Patched RoundCube Vulnerabilities Are Now Being Exploited - SCtoCS CISA warns that recently patched RoundCube vulnerabilities are now being actively exploited, urging organizations to update and secure their systems immediately.

CISA warns that recently patched Roundcube Webmail vulnerabilities (including a critical RCE & XSS) are being actively exploited in the wild! Update your systems ASAP and apply fixes.
👉 sctocs.com/cisa-recentl...

#cybersecurity
#CISA
#Roundcube
#PatchNow
#sctocs

Wormable XMRig Campaign Leverages BYOVD Exploit And Time Based Logic Bomb - SCtoCS A wormable XMRig campaign is using a BYOVD exploit and a time based logic bomb to spread cryptomining malware and evade security defenses.

Wormable XMRig malware campaign uses BYOVD exploit and time-based logic bomb to spread and mine crypto — secure your systems and patch now 👇
👉 sctocs.com/wormable-xmr...

#Security #CyberAlert #Cryptomining

Malicious Npm Packages Steal Crypto Keys, CI Secrets, And API Tokens - SCtoCS Malicious npm packages are harvesting cryptocurrency keys, CI secrets, and API tokens, posing serious supply chain and developer security risks.

Malicious npm packages found stealing crypto keys, CI secrets & API tokens from dev systems. Vet dependencies & scan your supply chain!
👉 sctocs.com/malicious-np...

#cybersecurity #npm
#DevSecOps #ThreatAlert
#sctocs

MuddyWater Targets MENA Organizations Using GhostFetch, CHAR, And HTTP_VIP - SCtoCS MuddyWater is targeting MENA organizations with GhostFetch, CHAR, and HTTP_VIP malware, expanding cyber espionage operations across the region.

MuddyWater is actively attacking MENA organizations using GhostFetch, CHAR, and HTTP_VIP malware to maintain access and steal info. Stay alert and secure your networks 👇
👉 sctocs.com/muddywater-m...

#Security #CyberThreats
#cybersecurity #sctocs

AI Assisted Threat Actor Compromises Over 600 FortiGate Devices Across 55 Countries - SCtoCS An AI assisted threat actor has compromised more than 600 FortiGate devices across 55 countries, highlighting risks in automated cyberattack campaigns.

AI-assisted threat actors used generative AI to breach 600+ FortiGate firewalls across 55+ countries by attacking exposed management interfaces and weak credentials — not exploiting FortiGate bugs. Secure your devices!
👉 sctocs.com/ai-assisted-...

#Security #AI #Fortinet

CISA Adds Two Actively Exploited Roundcube Vulnerabilities To KEV Catalog - SCtoCS CISA has added two actively exploited Roundcube vulnerabilities to its Known Exploited Vulnerabilities catalog, warning organizations to apply fixes promptly.

CISA adds two actively exploited Roundcube vulnerabilities to its KEV Catalog — patch now and protect your webmail servers!

👉 sctocs.com/cisa-roundcu...

#CyberSecurity #CISA #InfoSec

Amazon Says AI Assisted Hacker Breached 600 Fortinet Firewalls In Five Weeks - SCtoCS Amazon reports an AI assisted hacker compromised 600 Fortinet firewalls within five weeks, highlighting growing risks of automated cyberattacks.

Amazon says an AI-assisted hacker used generative AI to breach 600+ FortiGate firewalls across 55 countries in 5 weeks by exploiting weak creds and exposed management interfaces. Learn how to defend your devices 👇
👉 sctocs.com/amazon-ai-as...

#Security #AI
#Fortinet #Firewall

PayPal Reveals Six Month Data Breach Exposing User Information - SCtoCS PayPal has disclosed a data breach that exposed user information over a six month period, raising concerns about account security and data protection.

PayPal confirms a data breach from July to December 2025 tied to a loan app error that exposed personal info, including SSNs and DOBs. Passwords reset & free credit monitoring offered.
👉 sctocs.com/paypal-six-m...

#Security #DataBreach
#PayPal #sctocs

Data Breach At French Bank Registry Affects 1.2 Million Accounts - SCtoCS A data breach at a French bank registry has exposed information linked to 1.2 million accounts, triggering concerns over financial data security and privacy.

A breach of France’s national bank account registry (FICOBA) exposed personal bank data for 1.2 million accounts after attackers used stolen credentials. While balances weren’t accessed, the leak could fuel identity theft and fraud.
👉 sctocs.com/data-breach-...

#Security #DataBreach
#France #sctocs

Mississippi Medical Center Shuts Down All Clinics Following Ransomware Attack - SCtoCS A Mississippi medical center has closed all clinics after a ransomware attack disrupted operations, raising concerns over patient data and healthcare security.

Ransomware forces shutdown of Mississippi medical clinics — The University of Mississippi Medical Center closed all 35+ clinics and canceled elective procedures after a cyberattack knocked out key systems. Recovery efforts continue.
👉 sctocs.com/mississippi-...

BeyondTrust Vulnerability Exploited To Deploy Web Shells, Backdoors, And Steal Data - SCtoCS A critical BeyondTrust flaw is being exploited to deploy web shells, backdoors, and exfiltrate sensitive data, posing serious enterprise security risks.

A BeyondTrust vulnerability is actively exploited to drop web shells, backdoors & steal data. Patch now and harden defenses!
👉 sctocs.com/beyondtrust-...

Cline CLI 2.3.0 Supply Chain Attack Deployed OpenClaw On Developer Systems - SCtoCS A supply chain attack targeting Cline CLI 2.3.0 resulted in OpenClaw being installed on developer systems, raising concerns over software distribution security.

Cline CLI 2.3.0 supply-chain attack deployed OpenClaw malware on developer systems via a compromised installer. Avoid this version & update once patched!
👉 sctocs.com/cline-cli-2-...

ClickFix Campaign Exploits Compromised Websites To Deploy MIMICRAT Malware - SCtoCS The ClickFix campaign is leveraging compromised websites to distribute MIMICRAT malware, expanding infections through web-based exploitation techniques.

The ClickFix Campaign uses compromised websites & malicious ads to deliver MIMICRAT malware that steals credentials and gives remote access. Stay vigilant!
👉 sctocs.com/clickfix-cam...

Ukrainian National Sentenced To 5Years In North Korea IT Worker Fraud Scheme - SCtoCS A Ukrainian national has been sentenced to five years in prison for involvement in a North Korea linked IT worker fraud scheme targeting global companies.

Ukrainian national sentenced to 5 years for aiding North Korean IT worker fraud—helped DPRK operatives secure jobs using stolen U.S. identities.
👉 sctocs.com/ukrainian-na...

FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost In 2025 - SCtoCS The FBI reports 1,900 ATM jackpotting incidents since 2020, with $20 million lost in 2025 alone as cybercriminals target financial institutions.

FBI reports 1,900 ATM jackpotting incidents since 2020, with 700+ cases in 2025 and more than $20M lost. Malware is being used to make ATMs spit out cash without cards or accounts.
👉 sctocs.com/fbi-1900-atm...

Former Google Engineers Indicted For Transferring Trade Secrets To Iran - SCtoCS Three former Google engineers have been indicted for allegedly stealing trade secrets from Google and other tech firms and transferring the data to Iran.

Three former Google engineers indicted for stealing trade secrets and allegedly transferring sensitive tech data to Iran. They face federal charges including theft of trade secrets and obstruction of justice.
👉 sctocs.com/former-googl...

PromptSpy Android Malware Exploits Gemini AI To Automate Recent-Apps Persistence - SCtoCS PromptSpy Android malware leverages Gemini AI to automate persistence via recent-apps, allowing attackers to maintain control and steal sensitive device data.

PromptSpy — a new Android malware — uses Google’s Gemini AI to figure out how to stay pinned in Recent Apps and avoid removal. It can capture screens, block uninstall, and give remote access. Learn how this threat works
👉 sctocs.com/promptspy-an...

INTERPOL Operation Red Card 2.0 Leads To 651 Arrests In African Cybercrime Crackdown - SCtoCS INTERPOL’s Operation Red Card 2.0 has resulted in 651 arrests across Africa, targeting cybercriminal networks involved in online fraud and malware campaigns.

INTERPOL’s Operation Red Card 2.0 crackdown on online scams across 16 African countries has led to 651 arrests, over $4.3M recovered, and hundreds of malicious servers and IPs taken down.
👉 sctocs.com/interpol-red...

Microsoft Fixes CVE-2026-26119 Privilege Escalation Flaw In Windows Admin Center - SCtoCS Microsoft has patched CVE-2026-26119, a privilege escalation vulnerability in Windows Admin Center, preventing potential administrative account compromises.

Microsoft fixes CVE-2026-26119, a privilege escalation flaw in Windows Admin Center. Apply updates ASAP to protect your environment.
👉 sctocs.com/microsoft-pa...

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users - SCtoCS Fake IPTV apps are spreading the Massiv Android malware to target mobile banking users, aiming to steal financial credentials and sensitive data.

A new Android banking malware called Massiv is being spread through fake IPTV apps that users sideload outside official app stores. This malware can steal credentials and control your device.
👉 sctocs.com/fake-iptv-ap...

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware - SCtoCS The CRESCENTHARVEST campaign uses protest-related lures to deploy RAT and info-stealing malware against Iran protest supporters in a targeted cyberespionage effort.

CRESCENTHARVEST malware is targeting Iran protest supporters by hiding a RAT and info-stealer inside seemingly real protest media and reports. Beware of unsolicited files promising protest updates — they may compromise your data.
👉 sctocs.com/crescentharv...

Grandstream GXP1600 VoIP Phones Vulnerable To Unauthenticated Remote Code Execution - SCtoCS Grandstream GXP1600 VoIP phones are exposed to an unauthenticated remote code execution vulnerability, putting enterprise communication systems at risk.

Grandstream GXP1600 VoIP phones are exposed to unauthenticated remote code execution — attackers could exploit without credentials. Check the details & stay protected:
👉 sctocs.com/grandstream-...

Critical Vulnerabilities Discovered In Four VS Code Extensions With Over 125 Million Installs - SCtoCS Researchers have uncovered critical vulnerabilities in four VS Code extensions with over 125 million installs, posing significant supply-chain security risks.

Critical security flaws found in four popular VS Code extensions with over 125M installs! Stay safe — check the details and protection tips:
sctocs.com/critical-vul...

Dell RecoverPoint For VMs Zero Day CVE-2026-22769 Exploited Since Mid 2024 - SCtoCS Dell RecoverPoint for VMs zero day vulnerability CVE-2026-22769 has been actively exploited since mid 2024, exposing systems to serious security risks.

Critical Dell RecoverPoint for VMs zero-day (CVE-2026-22769) has been exploited in the wild since mid-2024 by a suspected China-linked threat group! Patches are available — update now!

👉 sctocs.com/dell-recover...

Notepad++ Patches Hijacked Update Mechanism Exploited To Deliver Targeted Malware - SCtoCS Notepad++ has fixed a compromised update mechanism that was abused to deliver targeted malware, highlighting risks in software update channels.

Notepad++ patches hijacked update mechanism exploited to deliver targeted malware — update now!

👉 sctocs.com/notepad-plus...

CISA Identifies Four Actively Exploited Security Vulnerabilities In Latest KEV Update - SCtoCS CISA has added four security flaws to its Known Exploited Vulnerabilities catalog, warning that they are under active exploitation in the wild.

CISA flags four actively exploited vulnerabilities in the latest KEV update .

👉 sctocs.com/cisa-flags-f...

Researchers Demonstrate Copilot And Grok Can Be Exploited As Malware C2 Proxies - SCtoCS Researchers have shown that AI tools like Copilot and Grok can be exploited as command and control proxies by malware, highlighting new AI security risks.

Researchers demonstrate that AI tools like Copilot & Grok can be exploited as malware C2 proxies!

👉 sctocs.com/researchers-...

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates - SCtoCS Keenadu firmware backdoor infects Android tablets via signed OTA updates, allowing attackers to compromise devices and steal sensitive information.

Keenadu firmware backdoor is infecting Android tablets via signed OTA updates — a serious supply-chain risk!

👉 sctocs.com/keenadu-firm...

SmartLoader Attack Leverages Trojanized Oura MCP Server To Deploy StealC Infostealer - SCtoCS The SmartLoader attack uses a trojanized Oura MCP server to deploy the StealC infostealer, compromising sensitive data and highlighting supply-chain threats.

SmartLoader attack uses a trojanized Oura MCP server to deploy StealC infostealer malware!

👉 sctocs.com/smartloader-...