scworld.com

Outlet metrics

Domain Authority

Ranking

Global

#259663

United States

#192134

Computers Electronics and Technology/Computer Security

#561

Traffic sources

Monthly visitors

Articles

Open-source Chaos RAT used in recent attacks targeting Linux

3 days ago | scworld.com | Laura French

The open-source Chaos Remote Administration Tool (RAT) continues to be used in cyberattacks with new variants discovered by the Acronis Threat Research Unit (TRU), the cybersecurity company reported Wednesday. Chaos RAT, available on GitHub, enables users to control remote Windows and Linux systems via a reverse shell and perform tasks, including file management and command execution.
Open-source code repos open to supply chain attacks, researchers warn

3 days ago | scworld.com | Steve Zurier

Multiple malicious packages were discovered causing supply chain incidents across leading open-source code repos such as npm, PyPI and RubyGems. While repos speed development, the issue highlights how the packages expose dev teams to security risks. The issues around open-source repos were brought up in reports by leading research groups over the past several weeks, including Checkmarx, ReversingLabs, and Socket, according to The Hacker News.
Google to drop trust of Chunghwa and NetLock certificates from Chrome

3 days ago | scworld.com | Shaun Nichols

Google said its Chrome browser will drop trust for certificates issued by two organizations it says have been lapsing in security. As of August, the web and search giant said it will no longer trust certificates issued by certificate authorities Chunghwa Telecom and NetLock for failing to meet security and trust standards.
Android trojan ‘Crocodilus’ hijacks accessibility settings for control

4 days ago | scworld.com | Laura French

The Android banking trojan Crocodilus, which hijacks accessibility features for remote access and control, has spread globally and gained new features since its discovery in March 2025, according to Threat Fabric. Crocodilus initially targeted victims in Turkey, where it is believed to have originated, and has expanded its reach to South America, the United States, parts of Asia and the rest of Europe.
Cartier, North Face, MainStreet Bank among retailers struck by cyberattacks

4 days ago | scworld.com | Steve Zurier

Cyberattacks on retailers continued as Reuters reported that luxury jewelry retailer Cartier told its customers that its website had been hacked and some client data was stolen. Outdoor retailer North Face told customers that its personal information was stolen in credential-stuffing attacks that targeted the company’s website in April, a sign that U.S. retailers should expect more of such attacks.
Microsoft, CrowdStrike pitch giving threat groups the same name

4 days ago | scworld.com | Shaun Nichols

Microsoft and Crowdstrike are joining forces in an effort to create a common vocabulary for threat actors and cyberattack operations. The two cybersecurity giants said that they want to develop a common nomenclature for cybersecurity operations that can easily be used to identify threat actors based on their nationality and motivations. The companies said that the combined effort was designed to eliminate the complexity and confusion that comes with naming threat actors.
Docker, HashiCorp, Gitea servers targeted in cryptojacking campaign

5 days ago | scworld.com | Laura French

A cryptojacking campaign is targeting DevOps web servers of Docker, HashiCorp Nomad, HashiCorp Consul and Gitea, the Wiz Threat Research team reported Monday. The attackers, tracked as JINX-0132, leveraged misconfigurations or vulnerabilities that leave DevOps servers internet-exposed and susceptible to malicious deployment of the open-source XMRig cryptomining software.
Cisco IOS XE bug rated 10.0: 'Waiting is not an option,' pros say

5 days ago | scworld.com | Steve Zurier

The details about a 10.0 Cisco IOS XE Wireless LAN Controller (WLC) flaw that Cisco patched May 7 have been made public, bringing the industry closer to a working exploit and prompting security pros to tell teams to patch right away. "This is a ‘drop everything and fix it’ kind of bug," said Casey Ellis, founder of Bugcrowd.
A New Identity: Why SaaS May Be the Identity Risk No One’s Talking About

5 days ago | scworld.com | Karen Epper Hoffman

You’re only as strong as your weakest link—or your weakest identity. That proverb carries fresh urgency in today’s enterprise IT landscape, especially when evaluating the cyber risk introduced by third-party vendors, particularly those offering software-as-a-service (SaaS). When “trusted” turns riskyThe core security dilemma is clear: the more relationships you label as “trusted,” the larger your attack surface grows.
From automation to agency: The next leap in cyber defense

5 days ago | scworld.com | Bill Brenner

As AI becomes the weapon of choice for cybercriminals, defenders must rethink their own approach to artificial intelligence. Automation alone is no longer enough. The future lies in agentic AI—intelligent systems capable of planning, learning, adapting, and acting on behalf of human operators. This article explores the next evolution of Managed Detection and Response (MDR), where agentic AI augments human analysts, enhances SOC performance, and paves the way for autonomous decision-making.