sctocs
@sctocs25
SCtoCS provides threat intelligence and security services to protect you from cyber threats. Learn more: https://sctocs.com/
New Browser Security Report warns: browsers are the new enterprise attack surface — risks include malicious extensions, session hijacking & token theft. 🔗 sctocs.com/browser-securi… #CyberSecurity #BrowserSecurity #Enterprise #ThreatIntel
Microsoft reveals “Whisper Leak” — an attack that infers AI chat topics by analyzing encrypted traffic patterns. No message decryption needed — just metadata. 🔗 sctocs.com/microsoft-whis… #CyberSecurity #AIPrivacy #Microsoft #ThreatIntel
Zero-click Samsung flaw (CVE-2025-21042) used to deliver LANDFALL spyware via WhatsApp images — can exfiltrate calls, mic, photos & location. Update your Galaxy now and heed vendor patches. 🔗 sctocs.com/samsung-zero-c… #MobileSecurity #Android #spyware
Alert: China-linked groups are reusing legacy bugs (Log4j, IIS, etc.) as espionage tools — attackers target old, unpatched systems to maintain persistence. Patch, monitor, and harden legacy servers. More: sctocs.com/china-hackers-…
Malicious NuGet packages with hidden logic bombs set to detonate years after install — a new long-delay supply-chain threat. Audit deps, pin versions, and require package signing. 🔗 sctocs.com/hidden-logic-b… #supplychainsecurity #NuGet
Malicious VS Code extension “Vibe-Coded” found with ransomware functionality built-in — encrypts project files & connected drives. 🔗 sctocs.com/vibe-coded-vs-… #CyberSecurity #VSCode #ransomwaredefense #supplychainattack
New tactic: attackers weaponize Windows Hyper-V to hide a Linux VM and bypass EDR — monitor Hyper-V activity, restrict VM creation, and enable virtualization logging. 🔗 sctocs.com/hackers-weapon… #CyberSecurity #EDR #Hypervault #ThreatIntel
Cisco warns of active firewall exploits — CVE-2025-20333 & CVE-2025-20362 — enabling remote code execution & auth bypass. Admins urged to patch ASAP. 🔗 sctocs.com/cisco-firewall… #CyberSecurity #cisco #zerodayattack #cventconnecteurope
Trojanized ESET installers spotted dropping Kalambur backdoor in phishing attacks on Ukrainian targets. Linked to Russian-aligned APT activity. 🔗 sctocs.com/trojanized-ese… #CyberSecurity #Ukraine #APT #MalwareDev
SonicWall confirms its Sept. cloud backup breach was the work of state-sponsored hackers — customer data exposure limited, mitigations in place. 🔗 sctocs.com/sonicwall-stat… #CyberSecurity #ThreatIntel #Sonicwall #APT
New espionage op: “SmudgedSerpent” hackers target U.S. policy experts amid rising Iran–Israel tensions, using fake policy briefs to deploy malware. 🔗 sctocs.com/smudgedserpent… #CyberSecurity #ThreatIntel #Espionage #MiddleEast
🇺🇸 U.S. sanctions 10 North Korean entities for laundering $12.7M via crypto & fraudulent IT schemes to fund weapons programs. 🔗 sctocs.com/us-sanctions-n… #CyberSecurity #CryptoCrime #NorthKorea #Sanctions
Major cybercrime alliance formed: Scattered Spider, LAPSUS$, and ShinyHunters are joining forces — combining tactics in social engineering, data theft & extortion. 🔗 sctocs.com/scattered-spid… #CyberSecurity #ThreatIntel #RansomwareGang #CyberCrime
Critical React Native CLI flaw exposed millions of developers to remote code execution risks. Update now & review project templates! 🔗 sctocs.com/critical-react… #CyberSecurity #reactnative #DevSecOps #Vulnerability
Europol & Eurojust dismantle a €600M crypto fraud network in a major global operation — 20+ arrests, assets seized, and fake investment sites shut down. 🔗 sctocs.com/europol-euroju… #CyberSecurity #CryptoFraud #Europol #FinancialCrime
Operation SkyCloak uses a Tor-enabled OpenSSH backdoor to infiltrate defense networks — enabling stealthy, persistent access. Full story 👉 sctocs.com/operation-skyc… #CyberSecurity #ThreatIntelligence #Defense #APT
New Microsoft Teams flaws let attackers impersonate colleagues & edit messages undetected, posing major phishing risks. Details 👉 sctocs.com/microsoft-team… #CyberSecurity #MicrosoftTeams #Vulnerability #InfoSec
Microsoft found SesameOp — a backdoor that uses the OpenAI Assistants API as a stealth C2 channel, enabling months-long espionage. Audit AI API traffic & tighten EDR. More: sctocs.com/microsoft-sesa… #CyberSecurity #ThreatIntelligence #AIsecurity.
U.S. prosecutors charge cybersecurity insiders for aiding BlackCat (ALPHV) ransomware operations — one of the first insider-linked ransomware cases. 🔗 sctocs.com/us-prosecutors… #CyberSecurity #Ransomware #BlackCat #insiderthreat
New VS Code threat: SleepyDuck VSX extension uses the Ethereum blockchain to keep its C2 server alive — making takedowns nearly impossible. More: sctocs.com/sleepyduck-vsx… #CyberSecurity #VSCode #Malware #Blockchain
United States Trends
- 1. South Carolina 31.2K posts
- 2. #EubankBenn2 25.3K posts
- 3. Bama 10K posts
- 4. Texas A&M 30.7K posts
- 5. Beamer 9,010 posts
- 6. Ryan Williams 1,465 posts
- 7. Ty Simpson 2,102 posts
- 8. Mateer 1,908 posts
- 9. Daniel Hill N/A
- 10. Makai Lemon N/A
- 11. Arbuckle N/A
- 12. Heisman 8,659 posts
- 13. Oklahoma 18.3K posts
- 14. Michigan 42.7K posts
- 15. Aggies 9,036 posts
- 16. Sellers 13.8K posts
- 17. Cuevas 6,316 posts
- 18. Gio Reyna N/A
- 19. #UFC322 22.9K posts
- 20. Northwestern 7,472 posts
Something went wrong.
Something went wrong.