1010.cx – cybersecurity / defense / intelligence

MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads

·

Android, cyber security, Cyber Security News, Malware

Android.MagicAd, a stealthy Android trojan family that circumvents operating-system safeguards to push intrusive ads from the background. The apps were short-lived in the catalogs appearing for weeks then removed yet any installed copies remained active on user devices, allowing attackers to sustain ad-fraud and persistence while reducing exposure in app stores. Technically sophisticated, Android.MagicAd hides […]

The post MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
2026 CISO Compensation Data: Salaries, Bonuses, Equity

·

Blogs
This week in cybersecurity from the editors at Cybercrime Magazine

Sausalito, Calif. – Jun. 9, 2026

– Read the report

The 2026 CISO Report from Cybersecurity Ventures in partnership with Sophos examines the latest compensation data for CISOs.

According to Glassdoor data, the median annual pay range for a CISO is $321,000, while Salary.com puts the figure at $385,000. Lower tier estimates, provided by Zippia, bottom out at $144,000.

CSO reports that CISO pay at the largest U.S. enterprises is closer to $500,000, with some CISOs receiving 7-figure annual compensation packages, and a few even hauling in $5 million a year.

Estimated equity values are driving significant increases in year-over-year compensation for CISOs, particularly in larger public companies. CISOs in publicly traded companies typically receive better compensation-related benefits, such as equity, insurance, and signing bonuses, according to the 2025 CISO Security Leadership Survey from Hitch Partners.

CISOs in the technology and services sector earn the highest total compensation on average, largely driven by equity and long-term incentives, according to a survey by Heidrick & Struggles. The survey also states that CISOs in Europe earned less on average than their U.S. counterparts.

U.S. Cities including San Francisco, New York, Seattle, and Washington, D.C. offer the highest salaries, according to an analysis of compensation data from publicly available job postings, salary benchmarks from trusted job sites and recruiter-reported ranges from cybersecurity hiring reports.

Read the 2026 CISO Report

Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.

The post 2026 CISO Compensation Data: Salaries, Bonuses, Equity appeared first on Cybercrime Magazine.
¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks

·

cyber security, Cyber Security News, Microsoft

Microsoft has introduced enhanced monitoring capabilities in Microsoft Defender for Endpoint to detect and disrupt cyberattacks that abuse the Remote Procedure Call (RPC) protocol, a core Windows communication mechanism that threat actors frequently exploit for lateral movement and credential access. Announced on June 8, 2026, the update provides granular visibility into inbound remote RPC activity, […]

The post Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

·

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that allows an

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

A critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE-2026-42271 and chained to CVE-2026-48710, the issue allows attackers to bypass authentication controls and execute arbitrary system commands, posing a severe risk to AI infrastructure that relies on LiteLLM deployments. LiteLLM Vulnerability CVE-2026-42271 is a […]

The post LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New BitB Phishing Attack Targets Microsoft 365 Logins

·

cyber security, Cyber Security News, Microsoft, Phishing

A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass casual visual checks. The attack uses a draggable popup that mimics a real browser dialog. However, it is embedded in the page itself and paired with a spoofed Microsoft OAuth […]

The post New BitB Phishing Attack Targets Microsoft 365 Logins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

·

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted to arXiv on

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now

·

Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome’s JavaScript and WebAssembly engine. “Out-of-bounds read and write in V8 in Google Chrome prior to 149.0.7827.103

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
North Korea Hackers Weaponize GitHub to Target Developers

·

cyber security, Cyber Security News, GitHub

A sustained phishing campaign that leverages developer recruitment and code-review lures to deliver cross‑platform malware via attacker-controlled GitHub repositories. Tracked as UNK_DeadDrop and attributed with high confidence to a North Korea‑aligned actor, the operation targeted nearly 100 organizations across finance, cryptocurrency, education and technology by sending more than 250 tailored emails over six weeks. The […]

The post North Korea Hackers Weaponize GitHub to Target Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
The Hidden Security Risk in Modern Networks: The Work Between Tools

·

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

This week in cybersecurity from the editors at Cybercrime Magazine