AttackFeed by Joe Wagner | ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks  - The Hacker News

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks  – The Hacker News

Posted on By [email protected] (The Hacker News)
Attack Feeds

The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks.
The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | 45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation  - Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation  – Hackread – Cybersecurity News, Data Breaches, AI and More
May 1, 2026
AttackFeed by Joe Wagner | Senators seek answers about hackers obtaining sensitive student data from ostensibly anonymous tip line  - CyberScoop
Attack Feeds
Senators seek answers about hackers obtaining sensitive student data from ostensibly anonymous tip line  – CyberScoop
April 27, 2026
AttackFeed by Joe Wagner | Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets  - The Hacker News
Attack Feeds
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets  – The Hacker News
March 20, 2026
AttackFeed by Joe Wagner | Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft  - The Hacker News
Attack Feeds
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft  – The Hacker News
May 1, 2026