1010.cx – cybersecurity / defense / intelligence

Lyrie.ai Unveils Open Standard for Agent Security and Joins Anthropic’s Cyber Verification Program

·

Press Release

DUBAI, UAE — May 14, 2026 — As autonomous AI agents begin to handle everything from corporate bank transfers to sensitive code deployments, the digital world is facing a new “Wild West” scenario: millions of autonomous entities operating without a badge or a passport. Today, OTT Cybersecurity LLC (the architects behind Lyrie.ai) announced a dual-milestone […]

The post Lyrie.ai Unveils Open Standard for Agent Security and Joins Anthropic’s Cyber Verification Program appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

·

An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON). The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
GitLab Security Flaw Allows Cross-Site Scripting and Unauthenticated DoS

·

CVE/vulnerability, cyber security, Cyber Security News, Dos Attack, vulnerability

GitLab has issued an urgent security update to neutralise a massive wave of vulnerabilities. Threat actors could exploit these newly disclosed flaws to silently hijack developer sessions or completely paralyze continuous integration pipelines with unauthenticated attacks. GitLab Security Flaw On May 13, 2026, GitLab released critical patch versions 18.11.3, 18.10.6, and 18.9.7 for both its […]

The post GitLab Security Flaw Allows Cross-Site Scripting and Unauthenticated DoS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Hackers Hijack HWMonitor to Sideload Malicious DLL

·

cyber security, Cyber Security News

Hackers are once again exploiting user trust in legitimate software, this time abusing the popular CPUID HWMonitor utility to deliver a stealthy remote access trojan. The malicious archive mimics a legitimate installer, highlighting how trusted tools remain a powerful lure for initial access. The weaponized ZIP archive, distributed via a fake download link, contains the […]

The post Hackers Hijack HWMonitor to Sideload Malicious DLL appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker

·

cyber security, Cyber Security News, vulnerability

Langflow instances left unpatched against CVE-2026-33017 are now being actively abused not just for remote code execution, but as launchpads to steal AWS keys and join a NATS-backed botnet-style worker pool dubbed “KeyHunter.” The vulnerability, now listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog, affects Langflow public flow-building endpoint and allows arbitrary Python execution without […]

The post Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
PoC Released for 18-Year-Old NGINX Flaw Allowing Remote Code Execution

·

CVE/vulnerability, cyber security, Cyber Security News, PoC, vulnerability

A critical vulnerability in NGINX’s source code, hidden since 2008, has finally been exposed, and a working exploit is already in the wild. Security researchers at depthfirst have publicly released a proof-of-concept (PoC) exploit demonstrating unauthenticated remote code execution (RCE) against NGINX, the world’s most popular web server, powering nearly one-third of all websites globally. […]

The post PoC Released for 18-Year-Old NGINX Flaw Allowing Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Packagist Warns: Update Composer Now After GitHub Actions Token Leak

·

cyber security, Cyber Security News, GitHub

A sudden change in GitHub’s token format has triggered an unexpected security vulnerability in Composer, exposing sensitive authentication tokens in CI/CD logs and forcing Packagist to issue an urgent warning to PHP developers worldwide. The issue stems from a mismatch between GitHub’s updated token structure and Composer’s outdated validation logic. As a result, certain GitHub […]

The post Packagist Warns: Update Composer Now After GitHub Actions Token Leak appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

·

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: 7.8) and is rooted in the Linux kernel’s XFRM

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Exim BDAT GnuTLS Vulnerability Enables Code Execution Attacks

·

cyber security, Cyber Security News, vulnerability

A critical, stealthy vulnerability is lurking deep within Exim, the software powering a massive share of the world’s email infrastructure. Sitting exposed on the internet’s front lines, these message transfer agents are highly lucrative targets for ruthless threat actors. This newly unmasked memory corruption flaw arms attackers with the terrifying ability to remotely execute malicious […]

The post New Exim BDAT GnuTLS Vulnerability Enables Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
MongoDB Security Flaw Enables Arbitrary Code Execution on Vulnerable Systems

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

The foundation of countless modern applications is under an emerging threat. A severe vulnerability in MongoDB could allow attackers to execute unauthorised code on targeted database servers undetected. Tracked officially as CVE-2026-8053, this critical flaw serves as a potential gateway to complete system compromise, forcing database administrators to respond rapidly to secure their sensitive infrastructure. […]

The post MongoDB Security Flaw Enables Arbitrary Code Execution on Vulnerable Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶