SCtoCS
sctocs.bsky.social
SCtoCS is your go-to partner for complete cyber protection and for the latest Cyber Security News.
New StackWarp hardware flaw breaks AMD SEV-SNP VM protections on Zen 1–5 CPUs, letting privileged hosts manipulate VMs and expose secrets. Patch now!
sctocs.com/stackwarp-ha...
New StackWarp Hardware Flaw Breaks AMD SEV SNP Protections On Zen 1 To 5 CPUs - SCtoCS
A new StackWarp hardware flaw undermines AMD SEV SNP protections across Zen 1 to 5 CPUs, exposing risks to confidential computing.
sctocs.com
January 19, 2026 at 7:44 PM
CrashFix Chrome extension crashes browsers and lures users into installing the ModeloRAT RAT—be cautious of fake fixes and untrusted extensions.
sctocs.com/crashfix-chr...
CrashFix Chrome Extension Spreads ModeloRAT Using ClickFix Style Browser Crash Lures - SCtoCS
The CrashFix Chrome extension is delivering ModeloRAT by using ClickFix style browser crash lures to trick users into infection.
sctocs.com
January 19, 2026 at 6:20 PM
Researchers exploited a security flaw in the StealC malware panel to monitor active threat actor sessions and gather system fingerprints — turning the attackers’ own infrastructure against them.
sctocs.com/security-bug...
Security Flaw In StealC Malware Panel Allows Researchers To Monitor Threat Actor Operations - SCtoCS
A security bug in the StealC malware control panel allowed researchers to observe and analyze active threat actor operations.
sctocs.com
January 19, 2026 at 5:42 PM
Black Basta ransomware leader Oleg Nefedov has been added to the EU Most Wanted list and issued an INTERPOL Red Notice for involvement in major ransomware attacks.
sctocs.com/black-basta-...
Black Basta Ransomware Leader Added To EU Most Wanted List And INTERPOL Red Notice - SCtoCS
The leader of the Black Basta ransomware group has been added to the EU Most Wanted list and issued an INTERPOL Red Notice.
sctocs.com
January 19, 2026 at 7:41 AM
GootLoader malware uses 500–1,000 concatenated ZIP archives to evade detection—stay alert and inspect complex archives.
sctocs.com/gootloader-m...
GootLoader Malware Uses 500-1,000 Concatenated ZIP Archives To Evade Detection - SCtoCS
GootLoader malware leverages hundreds of concatenated ZIP archives to evade detection and deliver malicious payloads effectively.
sctocs.com
January 17, 2026 at 10:45 AM
Five malicious Chrome extensions posing as Workday/NetSuite tools are stealing tokens and enabling account hijacks—remove them and reset credentials now.
sctocs.com/malicious-ch...
Five Malicious Chrome Extensions Masquerade As Workday And NetSuite To Hijack Accounts - SCtoCS
Five malicious Chrome extensions are impersonating Workday and NetSuite to steal credentials and hijack user accounts.
sctocs.com
January 17, 2026 at 10:31 AM
Campaign deploying LOTUSLITE backdoor via Venezuela-themed spear phishing targets U.S. policy and government entities—watch out for malicious ZIPs.
sctocs.com/lotuslite-ba...
LOTUSLITE Backdoor Targets U.S. Policy Entities Through Venezuela-Themed Spear Phishing - SCtoCS
The LOTUSLITE backdoor is targeting U.S. policy entities using Venezuela-themed spear phishing campaigns to gain covert access.
sctocs.com
January 17, 2026 at 10:07 AM
China-linked APT UAT-8837 is exploiting a Sitecore zero-day to infiltrate critical infrastructure and steal credentials—patch now and monitor for suspicious access.
sctocs.com/china-linked...
China-Linked APT Exploits Sitecore Zero-Day In Critical Infrastructure Attacks - SCtoCS
A China-linked APT exploited a Sitecore zero-day vulnerability in attacks targeting critical infrastructure environments.
sctocs.com
January 17, 2026 at 9:42 AM
Cisco patches critical zero-day RCE vulnerability (CVE-2025-20393) exploited by a China-linked APT in Secure Email Gateways—apply the update now.
sctocs.com/cisco-patche...
Cisco Patches Zero-Day RCE Exploited By China-Linked APT In Secure Email Gateways - SCtoCS
Cisco has patched a zero-day remote code execution flaw exploited by a China-linked APT targeting secure email gateways.
sctocs.com
January 17, 2026 at 8:10 AM
AWS CodeBuild misconfiguration exposed GitHub repositories to potential supply chain attacks—check your settings now.
sctocs.com/aws-codebuil...
AWS CodeBuild Misconfiguration Exposed GitHub Repositories To Potential Supply Chain Attacks - SCtoCS
An AWS CodeBuild misconfiguration exposed GitHub repositories, creating potential risks for supply chain attacks and code compromise.
sctocs.com
January 17, 2026 at 7:45 AM
Critical WordPress Modular DS plugin flaw is being actively exploited to gain admin access—update now.
sctocs.com/critical-wor...
Critical WordPress Modular DS Plugin Vulnerability Actively Exploited To Gain Admin Access - SCtoCS
A critical flaw in the WordPress Modular DS plugin is being actively exploited, allowing attackers to gain administrator access.
sctocs.com
January 17, 2026 at 7:25 AM
New Reprompt attack lets hackers steal data from Microsoft Copilot with just one click via URL prompt manipulation. Microsoft has issued a fix.
sctocs.com/reprompt-att...
Researchers Disclose Reprompt Attack Enabling One-Click Data Exfiltration From Microsoft Copilot - SCtoCS
Researchers reveal a reprompt attack that allows single-click data exfiltration from Microsoft Copilot, raising serious AI security concerns.
sctocs.com
January 17, 2026 at 7:10 AM
Microsoft disrupts RedVDS cybercrime infrastructure through legal action, targeting online fraud operations.
sctocs.com/microsoft-le...
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud - SCtoCS
Microsoft's legal measures have disrupted the RedVDS cybercrime infrastructure, targeting operations responsible for online fraud.
sctocs.com
January 16, 2026 at 1:22 AM
Researchers have null-routed 550+ Kimwolf & Aisuru botnet C2 servers, taking down key malicious infrastructure.
sctocs.com/researchers-...
Researchers Null-Route More Than 550 Kimwolf And Aisuru Botnet Command Servers - SCtoCS
Researchers have null-routed over 550 Kimwolf and Aisuru botnet command servers, disrupting large-scale malicious operations.
sctocs.com
January 16, 2026 at 1:02 AM
Hackers are abusing c-ares DLL side-loading to evade security tools and deliver malware.
sctocs.com/hackers-expl...
Hackers Abuse C-ares DLL Side-Loading To Evade Security And Deploy Malware - SCtoCS
Hackers are exploiting c-ares DLL side-loading techniques to bypass security controls and deploy malware on targeted systems.
sctocs.com
January 15, 2026 at 10:34 PM
Fortinet patches a critical FortiSIEM flaw that allowed unauthenticated remote code execution—apply the update now.
🔗 sctocs.com/fortinet-fix...
Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution - SCtoCS
Fortinet has fixed a critical FortiSIEM vulnerability that allowed unauthenticated remote code execution, posing serious risks to enterprise networks.
sctocs.com
January 15, 2026 at 10:09 PM
New PLUGGYAPE malware campaign targeting Ukrainian Defense Forces via Signal & WhatsApp using fake charity messages.
sctocs.com/pluggyape-ma...
PLUGGYAPE Malware Uses Signal And WhatsApp To Target Ukrainian Defense Forces - SCtoCS
PLUGGYAPE malware leverages Signal and WhatsApp to target Ukrainian defense forces, highlighting evolving tactics in cyber warfare.
sctocs.com
January 15, 2026 at 9:55 PM
Long-running web skimming campaign stealing credit card data at online checkout pages—critical warning for e-commerce and consumers.
sctocs.com/long-running...
Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages - SCtoCS
A long-running web skimming campaign has been stealing credit card details from online checkout pages, impacting e-commerce security.
sctocs.com
January 15, 2026 at 9:37 PM
New malware campaign spreads Remcos RAT through a multi-stage Windows attack. Security professionals should take note.
sctocs.com/malware-camp...
New Malware Campaign Spreads Remcos RAT Via Multi-Stage Windows Attack - SCtoCS
A new malware campaign is delivering Remcos RAT through a multi-stage Windows attack, enabling remote access and data theft.
sctocs.com
January 13, 2026 at 8:12 PM
New VoidLink malware is hitting Linux cloud & container environments—something every security pro should know about.
sctocs.com/advanced-voi...
New Advanced VoidLink Malware Targets Linux Cloud And Container Environments - SCtoCS
A new advanced Linux VoidLink malware is targeting cloud and container environments, raising serious concerns for modern infrastructure security.
sctocs.com
January 13, 2026 at 7:47 PM
A malicious Chrome extension posing as a trading tool is stealing MEXC API keys!
👉 sctocs.com/malicious-ch...
Malicious Chrome Extension Steals MEXC API Keys While Posing As A Trading Tool - SCtoCS
A malicious Chrome extension disguised as a trading tool was found stealing MEXC API keys, putting crypto users and assets at risk.
sctocs.com
January 13, 2026 at 7:24 PM
ServiceNow patches critical AI platform flaw (CVE-2025-12420) that allowed unauthenticated user impersonation!

👉 sctocs.com/servicenow-p...
ServiceNow Fixes Critical AI Platform Flaw Enabling Unauthenticated User Impersonation - SCtoCS
ServiceNow patches a critical AI platform vulnerability that allowed unauthenticated attackers to impersonate users and access systems.
sctocs.com
January 13, 2026 at 6:54 PM
CISA warns of active exploitation of a critical Gogs vulnerability (CVE-2025-8110) that allows remote code execution!
Patch fast & lock down exposed servers!
👉 sctocs.com/cisa-warns-a...
CISA Alerts On Active Exploitation Of Gogs Vulnerability Allowing Code Execution - SCtoCS
CISA warns that attackers are actively exploiting a Gogs vulnerability that enables remote code execution, posing serious security risks.
sctocs.com
January 13, 2026 at 6:34 PM
n8n supply chain attack abuses community nodes to steal OAuth tokens!
Audit nodes & revoke suspicious tokens now! 🔐

👉 sctocs.com/n8n-supply-c...
N8n Supply Chain Attack Exploits Community Nodes To Hijack OAuth Tokens - SCtoCS
A supply chain attack targeting n8n abused malicious community nodes to steal OAuth tokens, putting developer accounts and workflows at risk.
sctocs.com
January 12, 2026 at 6:56 PM
GoBruteforcer botnet is attacking crypto project databases by exploiting weak credentials on exposed services like FTP and MySQL!
Strengthen passwords & harden configs now!

👉 sctocs.com/gobruteforce...
GoBruteforcer Botnet Targets Crypto Project Databases By Exploiting Weak Credentials - SCtoCS
The GoBruteforcer botnet is attacking crypto project databases by exploiting weak credentials through large-scale brute-force attempts.
sctocs.com
January 12, 2026 at 6:32 PM