1010.cx – cybersecurity / defense / intelligence

Hackers Weaponize Trusted Tools to Deploy Notorious Malware

·

cyber security, Cyber Security News, Malware

Attackers are leaning harder on legitimate, preinstalled, or widely used system tools to deliver and operate notorious malware families, creating a stealthy, high-velocity threat that outpaces many traditional defenses. The operational logic for attackers is straightforward. Native utilities such as PowerShell, Windows Management Instrumentation (WMI), certutil, mshta, and JavaScript execution contexts already enjoy elevated privileges […]

The post Hackers Weaponize Trusted Tools to Deploy Notorious Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Virginia Is For Cyber

·

Blogs
This week in cybersecurity from the editors at Cybercrime Magazine

Sausalito, Calif. – Jun. 5, 2026

– Listen to the podcast

Virginia is home to the second largest cybersecurity industry in the country, with around 88,000 cybersecurity workers, according to Cyberseek, a project supported by the NICE (National Initiative for Cybersecurity Education), a program of the National Institute of Standards and Technology (NIST) in the U.S. Department of Commerce.

Close proximity to the nation’s capital provides access to the Pentagon, the CIA, the Defense Advanced Research Projects Agency (DARPA), the Navy Cyber Defense Operations Command, and many additional federal assets, making Virginia an advantageous location for cyber-companies.

To meet the rising demand for a cybersecurity workforce, nearly 50 of Virginia’s colleges and universities have established cyber degrees and degrees with cyber focus. Virginia is also home to 28 NSA/DHS Centers of Academic Excellence (CAE) in cybersecurity.

Emily Pochter is the Director of Cybersecurity and Software at the Virginia Economic Development Partnership. In a recent Cybercrime Magazine Podcast episode, she joined host Heather Engel, who is based in Virginia. to discuss the state’s cybersecurity landscape and what listeners need to know regarding jobs, startups, and more.

Listen to the Podcast episode

Cybercrime Magazine · Virginia’s Cyber Landscape. An Overview. Emily Pochter, Virginia Economic Development Partnership.

Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.

The post Virginia Is For Cyber appeared first on Cybercrime Magazine.
¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords

·

ClickFix, Crypto, Infostealer, macOS, Malware, Password, Reaper, Script Editor, Security, SHub Stealer, WeChat

Threat actors are deploying an updated SHub Stealer variant named Reaper that exploits the native macOS Script Editor to bypass OS-level protections and compromise cryptocurrency assets.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Magecart Attack Abuses Stripe as Malware C2

·

cyber security, Cyber Security News, Malware

A novel Magecart campaign that weaponizes legitimate cloud services to evade detection: attackers are storing a JavaScript skimmer inside Stripe customer metadata and delivering it to victim checkouts via Google Tag Manager. The combination makes Stripe both the command server for arbitrary code and the durable exfiltration sink for stolen card data, using domains (googletagmanager.com […]

The post New Magecart Attack Abuses Stripe as Malware C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

·

Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China. “OP-512 was highly likely conducting espionage through a

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer

·

cyber security, Cyber Security News, Windows

An undeclared executable bundled with Hola Browser for Windows (version 1.251.91.0) that later proved to be a crypto‑miner. The binary, written to C:\Program Files\Hola\me.exe in affected installs, was not part of the certified footprint, lacked code signing and a timestamp, contained obfuscated code and memory‑write capabilities. Analysis identified miner‑related strings, XMRig indicators, and behavior to […]

The post Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Trend Micro Deep Security Agent Flaw Allows Repeatable Security Bypass

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Trend Micro’s Deep Security Agent for Linux contains a design flaw in its behavior-monitoring stack that allows a local, unprivileged attacker to repeatedly force short “blind spots” in which endpoint protections are temporarily bypassed. The issue stems from how the agent unloads and reloads its bmhook and tmhook kernel modules under heavy local event load, […]

The post Trend Micro Deep Security Agent Flaw Allows Repeatable Security Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

·

Eighteen months ago, the AI SOC was a marketing line. Today it’s a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security stack. The data shows SOCs are buying, deploying, and standing up AI capabilities at the fastest

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Hugging Face Transformers Security Flaw Allows Remote Code Execution

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical security flaw in Hugging Face Transformers, tracked as CVE-2026-4372, has exposed millions of machine learning workflows to silent remote code execution (RCE) through a malicious model configuration. Discovered by Pluto Security researcher Yotam Perkal, the issue allows attackers to execute arbitrary code on a victim’s system simply by tricking them into loading a […]

The post Hugging Face Transformers Security Flaw Allows Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics

·

cyber security, Cyber Security News, Linux

A new Gafgyt-family botnet, tracked as C0XMO, marks a notable technical shift in IoT malware design: the separation of scanning and propagation into distinct components and multi-architecture payloads that maximize reach across heterogeneous Linux devices. The operator delivered C0XMO by exploiting CVE-2021-27137 a stack buffer overflow in the UPnP SSDP parser of vulnerable DD-WRT firmware […]

The post New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

This week in cybersecurity from the editors at Cybercrime Magazine