Skip to content

1010.cx

  • Cybersecurity Newsletter Weekly – The 40 Biggest Cybersecurity Stories – Accenture Breach, AI Attack, Exploits Releases, Data Breaches & More

    ·

    Cyber Security News, Cybersecurity Newsletter

    Welcome to this week’s edition of the GBHackers cybersecurity newsletter — your weekly cybersecurity bulletin covering the 40 most important stories from July 6–10, 2026. This week the security world collided with AI head-on: prompt-injection attacks turned chatbots into C2 agents, five major AI coding assistants fell to a single attack pattern, and thousands of […]

    The post Cybersecurity Newsletter Weekly – The 40 Biggest Cybersecurity Stories – Accenture Breach, AI Attack, Exploits Releases, Data Breaches & More appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

    ·

    Version 8.14.0 of the jscrambler npm package shipped with a malicious preinstall hook that silently drops and runs a native infostealer during installation, one build each for Windows, macOS, and Linux. Published on July 11, 2026, it needs no import and no CLI call. Installing 8.14.0 is enough to run it. Socket flagged the release six minutes after it was

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

    ·

    Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026. “At Balochistan Police, the compromised assets included servers hosting web applications that manage police and citizen data, such as criminal and

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • AWS GovCloud Credential Leak Leads CISA to Share Critical Cyber Incident Lessons

    ·

    cyber security, Cyber Security News

    The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of an internal security incident involving exposed AWS GovCloud credentials, offering a transparent account of its own incident response to help other organizations strengthen their defenses. On Friday, May 15, CISA’s Office of the Chief Information Officer (OCIO) launched an internal investigation after an investigative […]

    The post AWS GovCloud Credential Leak Leads CISA to Share Critical Cyber Incident Lessons appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Hackers Infect C++ and C# Project Files to Spread Multi-Stage Windows Backdoor

    ·

    cyber security, Cyber Security News

    A sophisticated Windows Trojan that compromises software development projects to distribute a multi-stage backdoor, data stealer, clipboard hijacker, cryptominer, and file infector. Documented by Doctor Web researchers and first observed in the final quarter of 2025, the malware has continued to develop and now targets C++ and C# development environments. By infecting Visual Studio project […]

    The post Hackers Infect C++ and C# Project Files to Spread Multi-Stage Windows Backdoor appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Zimbra Releases Security Patch for Stored XSS Vulnerability in Classic Web Client

    ·

    cyber security, Cyber Security News

    Zimbra has released its Daffodil v10.1.19 patch update, addressing a stored cross-site scripting (XSS) vulnerability in the platform’s Classic Web Client. The security issue could allow a specially crafted email message to execute malicious JavaScript within the context of a logged-in recipient’s webmail session. The update, released on July 7, 2026, includes fixes delivered through […]

    The post Zimbra Releases Security Patch for Stored XSS Vulnerability in Classic Web Client appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Dell BIOS Flaw Lets Attackers Extract Plaintext Passwords Without Brute Force

    ·

    cyber security, Cyber Security News

    A newly disclosed Dell BIOS password-storage flaw can allow attackers with physical access to recover administrator and user passwords from SPI flash dumps in milliseconds. Tracked as CVE-2026-40639 and addressed in Dell Security Advisory DSA-2026-197, the issue affects certain Dell client platforms that use the proprietary DVAR configuration store and the SystemPwSmm SMM driver. Dell […]

    The post Dell BIOS Flaw Lets Attackers Extract Plaintext Passwords Without Brute Force appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

    ·

    Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution. The vulnerability has been described as a case of stored cross-site scripting (XSS) that could allow specially crafted emails to execute malicious scripts in a user’s session. It has yet to be assigned a CVE identifier. “The

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

    ·

    Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and mnemonic seed phrases. The compromised version, @injectivelabs/sdk-ts@1.20.21, came embedded with fake telemetry functionality that exfiltrated data from cryptocurrency wallets. The version was

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

    ·

    Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The Hacker News that it is responding to a “credible external security threat.” The company has temporarily disabled access to the affected accounts, a step it says it took “out of an abundance of caution” while it works with internal and external security

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

1 2 3 … 939
Next Page

1010.cx

cybersecurity / defense / intelligence