Skip to content

1010.cx

  • GodDamn Ransomware Attack Uses PsExec Lateral Movement and NirSoft Toolkit for Credential Theft

    ·

    cyber security, Cyber Security News, Ransomware

    A targeted GodDamn ransomware incident shows the payload is not entirely new but the latest rebrand of a long-running family. Analysis reveals strong code overlap with Beast (the 2024 rebrand of Monster), and the operational playbook mirrors earlier Hyadina campaigns. Stealthy foothold, credential harvesting using NirSoft utilities, kernel-level defense subversion, remote-access tooling, and PsExec-driven lateral […]

    The post GodDamn Ransomware Attack Uses PsExec Lateral Movement and NirSoft Toolkit for Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • When “Secure” Cameras Become Peep Shows: 1M+ Baby Monitors Left Families Exposed

    ·

    Blogs
    This week in cybersecurity from the editors at Cybercrime Magazine

    Sausalito, Calif. – Jul. 9, 2026

    – Listen to the podcast

    Strangers were watching your children sleep. For months, anyone with basic technical knowledge could access 1.1 million baby monitors and security cameras worldwide—no hacking required, just clicking a link.

    Yahoo Tech! reports French cybersecurity researcher Sammy Azdoufal discovered the vulnerability affecting devices you likely trusted to protect your family, cameras sold under familiar Amazon brands like Arenti, Boifun, and ieGeek.

    A single extracted key unlocked feeds across 118 countries, revealing the dark side of cheap cloud-connected devices.

    “I can retrieve the picture without any passwords, no cracking, no hacking. I just click on the URL, and this image is showing,” Azdoufal explained to The Verge. The researcher accessed intimate scenes—children’s bedrooms with Hello Kitty decorations, toddlers looking directly into cameras, family moments that should never have been public.

    This all happened because Meari Technology, the Chinese manufacturer behind these white-label cameras, built their system like a house with every door unlocked. Azdoufal recently joined host Heather Engel on the Cybercrime Magazine Podcast for a deep dive into his research, regulations in the consumer IoT industry, and more.

    Listen to the Podcast episode


    Cybercrime Magazine · Over 1M Baby Monitors Expose Families To Digital Voyeurs. Sammy Azdoufal, Cybersecurity Researcher. 

    Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:

    • SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
    • NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
    • HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
    • VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
    • M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
    • BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
    • PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
    • PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
    • RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.

    Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.

    The post When “Secure” Cameras Become Peep Shows: 1M+ Baby Monitors Left Families Exposed appeared first on Cybercrime Magazine.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Up

    ·

    AI has changed how fast attacks move. Work that once took an attacker days now takes minutes. Using models like Mythos, attackers write tailored bait, pick targets, test what lands, and jump to the next host before your team clears the first alert. That is the gap, and it is not your fault. The tools and runbooks most teams run on were built for attackers who work at human speed. AI-driven

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Attackers Exploit WordPress Plugin Vulnerabilities for Remote Code Execution and Webshell Access

    ·

    cyber security, Cyber Security News, Word press

    A large-scale exploitation campaign is actively weaponising known vulnerabilities across multiple content management systems, with WordPress plugins forming the primary attack surface. Cyber actors are scanning the internet for vulnerable sites and chaining unauthenticated file upload, remote code execution (RCE), server-side request forgery (SSRF) and deserialization vulnerabilities to deploy webshells that grant persistent remote access. […]

    The post Attackers Exploit WordPress Plugin Vulnerabilities for Remote Code Execution and Webshell Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • HP Linux Imaging and Printing Software Flaw Enables Privilege Escalation Attacks

    ·

    CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

    A critical vulnerability has been discovered in HP Linux Imaging and Printing Software (HPLIP), which exposes Linux systems to potential privilege escalation and remote code execution attacks. This vulnerability, tracked as CVE-2026-14544, has a CVSS v3 score of 9.8, indicating maximum severity due to its potential for network exploitation, low attack complexity, and lack of […]

    The post HP Linux Imaging and Printing Software Flaw Enables Privilege Escalation Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • GhostApproval Flaws Let Top AI Coding Tools Write Outside Workspaces

    ·

    AI, Amazon, Anthropic, Artificial Intelligence, Augment, Cognition, Cursor, cybersecurity, GhostApproval, Google, Privacy, Security, Windsurf
    Wiz found GhostApproval symlink flaws in major AI coding assistants that could hide sensitive file targets, bypass approval checks and enable system access too.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • AssuranceAmerica Confirms Massive Data Breach Exposing Driver’s License and Insurance Data

    ·

    cyber security, Cyber Security News, Data Breach, vulnerability

    AssuranceAmerica, a U.S. provider of auto and renters insurance, has confirmed a significant data breach that exposed the personal information and driver’s license data of approximately 6.99 million people. This incident marks the largest known leak of Americans’ driver’s license information this year. Founded in 1998, the Atlanta-based insurer operates in more than a dozen […]

    The post AssuranceAmerica Confirms Massive Data Breach Exposing Driver’s License and Insurance Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • RedHook Abuses Accessibility Service to Enable Developer Options and Wireless Debugging

    ·

    cyber security, Cyber Security News

    RedHook, an Android Remote Access Trojan (RAT) first profiled in July 2025, has resurfaced with a markedly more dangerous capability: autonomous abuse of Android’s ADB Wireless Debugging to acquire shell-level privileges (uid 2000). While its baseline toolkit screen streaming, keylogging, Accessibility-driven UI manipulation and credential theft remains intact, the latest RedHook builds demonstrate a deliberate […]

    The post RedHook Abuses Accessibility Service to Enable Developer Options and Wireless Debugging appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Summer of Clearinghouses

    ·

    Everyone seems to have announced a clearinghouse over the past few weeks. We did too. Ours is called Athena, and the main thing that sets it apart is that it was already real and running when we announced it — built quietly months earlier, heads down, taking findings and shipping fixes, because customers kept asking us to. We only announced it now because everyone else started announcing theirs,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

    ·

    Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first publicly spotted in the wild on May 21, 2026. It’s assessed to be a rebrand of the Beast ransomware,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

1 2 3 … 933
Next Page

1010.cx

cybersecurity / defense / intelligence