1010.cx – cybersecurity / defense / intelligence

VECT 2.0 Ransomware Wipes Large Files Across Windows, Linux & ESXi

·

cyber security, Cyber Security News, Ransomware

The “new” VECT 2.0 ransomware is essentially a cross‑platform data wiper that permanently destroys most enterprise files rather than encrypting them for recovery. For any file larger than 131,072 bytes (128 KB), VECT processes four separate chunks using four different randomly generated ChaCha20‑IETF nonces, but only writes the last nonce to disk at the end […]

The post VECT 2.0 Ransomware Wipes Large Files Across Windows, Linux & ESXi appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Cursor AI IDE vulnerability allows code execution via hidden Git hooks

·

AI, Artificial Intelligence, Cursor AI, cybersecurity, GitHib, Security, vulnerability

Novee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

·

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026

·

AI, Artificial Intelligence, cybersecurity, Data Breach, SaaS, Technology, vulnerability

Top AI-powered vendor risk platforms for SaaS companies in 2026, compare tools, features, and how to choose the…

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
SLOTAGENT Malware Hides API Calls and Strings to Thwart Analysis

·

cyber security, Cyber Security News, Malware

A previously unknown remote access trojan (RAT), dubbed SLOTAGENT, after analyzing a suspicious ZIP archive uploaded from Japan to a public malware repository in early 2026. The malware demonstrates advanced evasion techniques and flexible post-exploitation capabilities, making it a notable addition to the evolving threat landscape. The ZIP file contains a malicious executable, WindowsOobeAppHost.AOT.exe, which triggers the […]

The post SLOTAGENT Malware Hides API Calls and Strings to Thwart Analysis appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Vimeo Confirms Data Breach After Hackers Access User Database

·

Cyber Attack, cyber security, Cyber Security News, Data Breach

Vimeo has officially confirmed a data breach affecting its user database. The security incident did not originate with Vimeo, but rather with Anodot, a third-party analytics vendor used by the video hosting platform. This event highlights the ongoing risks associated with software supply chains, where a vulnerability in one vendor can compromise multiple downstream companies. […]

The post Vimeo Confirms Data Breach After Hackers Access User Database appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection

·

cyber security, Cyber Security News

Minecraft players are being lured with a fake hacking tool called “Slinky” that secretly installs a powerful infostealer dubbed LofyStealer (also tracked as GrabBot), linked to the Brazilian cybercrime group LofyGang. The malware uses a Node. js-based loader and an in-memory C++ payload to steal browser data and exfiltrate it to a command-and-control (C2) server […]

The post LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Warns of Windows Shell Zero-Day Exploited in Attacks

·

CVE/vulnerability, cyber security, Cyber Security News, Microsoft, vulnerability, Windows, Zero-Day, zeroday

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026, the agency officially added CVE-2026-32202 to its Known Exploited Vulnerabilities (KEV) catalog. This critical flaw involves a failure of a protection mechanism within the Microsoft Windows Shell, and active exploitation […]

The post CISA Warns of Windows Shell Zero-Day Exploited in Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi

·

cyber security, Cyber Security News, Ransomware

Vect 2.0 Ransomware‑as‑a‑Service (RaaS) operation is rapidly evolving into a multi‑platform threat that can encrypt Windows, Linux, and VMware ESXi environments across modern hybrid infrastructures. The group runs a classic affiliate model, renting out its ransomware and TOR‑based infrastructure to partners in exchange for a share of ransom payments. Its operators are strongly suspected to be […]

The post Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
cPanel Releases Emergency Patch for Critical Authentication Flaw

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Web hosting administrators must take immediate action, as cPanel has rolled out an emergency security update to address a critical vulnerability. Disclosed on April 28, 2026, this flaw impacts various authentication paths within the cPanel and WebHost Manager (WHM) ecosystem. Control panels like cPanel act as the central nervous system for web servers, handling everything […]

The post cPanel Releases Emergency Patch for Critical Authentication Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶