@ScyScan profile picture
ScyScan @ScyScan

Keeping you informed with security info. Protect your digital assets with comprehensive suite of free online security and network tools.

Joined July 2024
  • Tweets 6,997
  • Following 13
  • Followers 60
339 Photos and videos
ScyScan @ScyScan
Apr 22
Malicious #KICS #Docker Images and VS Code Extensions Hit #Checkmarx Supply Chain scyscan.com/news/malicious-k…

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain | ScyScan

Cybersecurity researchers have warned of malicious images pushed to the official "checkmarx/kics" Docker Hub repository. In an alert published today, softwar...

scyscan.com
66
ScyScan @ScyScan
Apr 22
Self-Propagating Supply Chain Worm Hijacks #npm #Packages to Steal #Developer Tokens scyscan.com/news/self-propag…

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens | ScyScan

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads throu...

scyscan.com
7
ScyScan @ScyScan
Apr 22
#Harvester Deploys #Linux GoGra #Backdoor in South Asia Using #Microsoft Graph API scyscan.com/news/harvester-d…

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API | ScyScan

The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in...

scyscan.com
30
ScyScan @ScyScan
Apr 22
Spain dismantles major $4.7M #manga #piracy #platform, arrests four scyscan.com/news/spain-disma…

Spain dismantles major $4.7M manga piracy platform, arrests four | ScyScan

The Spanish police have dismantled the largest Spanish-language manga piracy platform, operating since 2014, with millions of monthly users from around the g...

scyscan.com
34
ScyScan @ScyScan
Apr 22
New #npm supply-chain #attack self-spreads to steal auth #tokens scyscan.com/news/new-npm-sup…

New npm supply-chain attack self-spreads to steal auth tokens | ScyScan

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages publ...

scyscan.com
11
ScyScan @ScyScan
Apr 22
#Microsoft #Teams to get #efficiency mode on PCs with limited resources scyscan.com/news/microsoft-t…

Microsoft Teams to get efficiency mode on PCs with limited resources | ScyScan

Microsoft is preparing to roll out a new Efficiency Mode for Microsoft Teams for systems with limited CPU and memory resources to improve app responsiveness.

scyscan.com
22
ScyScan @ScyScan
Apr 22
#Microsoft traces #Universal #Print issues to Graph API code change scyscan.com/news/microsoft-t…

Microsoft traces Universal Print issues to Graph API code change | ScyScan

Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change.

scyscan.com
13
ScyScan @ScyScan
Apr 22
New #GoGra #malware for #Linux uses #Microsoft Graph API for comms scyscan.com/news/new-gogra-m…

New GoGra malware for Linux uses Microsoft Graph API for comms | ScyScan

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery.

scyscan.com
31
ScyScan @ScyScan
Apr 22
#Microsoft releases emergency patches for critical #ASP.NET #flaw scyscan.com/news/microsoft-r…

Microsoft releases emergency patches for critical ASP.NET flaw | ScyScan

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability.

scyscan.com
33
ScyScan @ScyScan
Apr 22
Over 1,300 #Microsoft #SharePoint #servers vulnerable to spoofing attacks scyscan.com/news/over-1300-m…

Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks | ScyScan

Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being ...

scyscan.com
17
ScyScan @ScyScan
Apr 22
#Lotus #Wiper #Malware Targets Venezuelan Energy Systems in #Destructive Attack scyscan.com/news/lotus-wiper…

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack | ScyScan

Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and ...

scyscan.com
49
ScyScan @ScyScan
Apr 22
#Toxic #Combinations: When Cross-App #Permissions Stack into Risk scyscan.com/news/toxic-combi…

Toxic Combinations: When Cross-App Permissions Stack into Risk | ScyScan

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addres...

scyscan.com
57
ScyScan @ScyScan
Apr 22
#Progress Software fixes sneaky #WAF bypass vulnerability (#CVE-2026-21876) scyscan.com/news/progress-so…

Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) | ScyScan

Progress Software has fixed a slew of high-severity vulnerabilities in MOVEit WAF and LoadMaster, including a flaw (CVE-2026-21876) that may allow attackers ...

scyscan.com
54
ScyScan @ScyScan
Apr 22
#Microsoft Patches Critical #ASP.NET #Core #CVE-2026-40372 Privilege Escalation Bug scyscan.com/news/microsoft-p…

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug | ScyScan

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulne...

scyscan.com
127
ScyScan @ScyScan
Apr 22
Mustang Panda’s New #LOTUSLITE Variant Targets #India Banks, South Korea #Policy Circles scyscan.com/news/mustang-pan…

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles | ScyScan

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector....

scyscan.com
21
ScyScan @ScyScan
Apr 22
Cohere AI Terrarium #Sandbox Flaw Enables Root #Code Execution, #Container Escape scyscan.com/news/cohere-ai-t…

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape | ScyScan

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerabil...

scyscan.com
28
ScyScan @ScyScan
Apr 22
French govt #agency confirms breach as #hacker offers to sell #data scyscan.com/news/french-govt…

French govt agency confirms breach as hacker offers to sell data | ScyScan

France Titres, the government agency in France for issuing and managince administrative documents has disclosed a data breach after a threat actor claimed th...

scyscan.com
20
ScyScan @ScyScan
Apr 21
#SystemBC C2 Server Reveals 1,570 Victims in The #Gentlemen #Ransomware Operation scyscan.com/news/systembc-c2…

SystemBC C2 Server Reveals 1,570 Victims in The Gentlemen Ransomware Operation | ScyScan

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called Sys...

scyscan.com
27
ScyScan @ScyScan
Apr 21
New #Lotus #data #wiper used against Venezuelan energy, utility firms scyscan.com/news/new-lotus-d…

New Lotus data wiper used against Venezuelan energy, utility firms | ScyScan

A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela.

scyscan.com
27
ScyScan @ScyScan
Apr 21
22 BRIDGE:BREAK Flaws Expose Thousands of #Lantronix and Silex #Serial-to-IP #Converters scyscan.com/news/22-bridgebr…

22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters | ScyScan

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploite...

scyscan.com
20
Load more