> TritonInfoSec News
Home / Mar 01, 2026 / Story
0
#8 The Hacker News general February 27, 2026 at 12:43 UTC

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

By [email protected] (The Hacker News)

AI Summary

North Korean threat actor ScarCruft deployed new malware tools including a backdoor using Zoho WorkDrive for command-and-control communications and USB-based implants to breach air-gapped networks. The Ruby Jumper campaign demonstrates advanced techniques for crossing network segmentation boundaries through removable media.

Read full article → https://thehackernews.com/2026/02/scarcruft-uses-z…

Relevance score: 80.0/100

# More from March 01

  1. 1
    $4.8M in crypto stolen after Korean tax agency exposes wallet seed BleepingComputer
  2. 2
    Canadian Tire Data Breach Impacts 38 Million Accounts SecurityWeek
  3. 3
    Who is the Kimwolf Botmaster “Dort”? Krebs on Security
  4. 4
    Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement The Hacker News
  5. 5
    QuickLens Chrome extension steals crypto, shows ClickFix attack BleepingComputer
  6. 6
    ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket The Hacker News
  7. 7
    900 Sangoma FreePBX Instances Infected With Web Shells SecurityWeek
  8. 9
    Juniper Networks PTX Routers Affected by Critical Vulnerability SecurityWeek
  9. 10
    Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor The Hacker News