1010.cx – cybersecurity / defense / intelligence

North Korea Hackers Abuse Git Hooks to Deploy Cross-Platform Malware

·

cyber security, Cyber Security News, Malware

North Korean threat actors have introduced a stealthy new delivery mechanism in their ongoing “Contagious Interview” campaign, shifting tactics to abuse Git hooks for malware execution. The attack begins with a familiar social engineering lure. Victims, often developers targeted through fake job interviews, are asked to clone a GitHub repository containing a “coding assessment.” Hidden […]

The post North Korea Hackers Abuse Git Hooks to Deploy Cross-Platform Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical security vulnerability in the Cline AI coding assistant’s kanban package exposes developers to remote code execution, data theft, and denial-of-service attacks by simply visiting a malicious website. Security researcher Sagilayani disclosed CVE-2026-44211 on GitHub four days ago, revealing that the kanban npm package bundled with the Cline CLI starts a WebSocket server on 127.0.0.1:3484 with zero Origin […]

The post Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Fake TronLink Chrome Extension Steals Crypto Wallet Credentials

·

Chrome, cyber security, Cyber Security News

A newly uncovered phishing campaign is targeting TRON wallet users through a deceptive Chrome extension that mimics the popular TronLink wallet. The campaign highlights how modern browser extension abuse is evolving beyond static code inspection, making detection significantly harder. At first glance, it appears legitimate, even displaying “1,000,000+ users” and strong ratings on the Chrome […]

The post Fake TronLink Chrome Extension Steals Crypto Wallet Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

·

TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (“router_init.js”) that’s designed to profile the execution

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical vulnerability dubbed “ClaudeBleed” has compromised Anthropic’s trusted AI assistant, potentially turning it into a backdoor. This severe design flaw in the Claude Chrome extension allows malicious add-ons to hijack the AI secretly. Even extensions with zero declared permissions can exploit this vulnerability to steal sensitive data from Gmail, Google Drive, and GitHub. In […]

The post Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Warns: MistralAI PyPI Package Compromised with Malware

·

cyber security, Cyber Security News, Malware, Microsoft

Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential‑stealing payload on Linux systems. The logic is designed to execute automatically whenever the package is imported, meaning developers simply using the library in […]

The post Microsoft Warns: MistralAI PyPI Package Compromised with Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

·

American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an update shared on Monday, the Utah-based firm said it “reached an agreement with the unauthorized actor involved in

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenAI Daybreak Automates Vulnerability Detection and Patching

·

AI, cyber security, Cyber Security News, Vulnerability Analysis

The relentless race against zero-day exploits and sophisticated cyberattacks requires a revolutionary approach to software security. Defenders are constantly overwhelmed by massive backlogs of alerts and the sheer volume of code requiring manual review. Enter OpenAI Daybreak, a frontier artificial intelligence system built specifically for cyber defenders. By shifting the focus from reactive damage control […]

The post OpenAI Daybreak Automates Vulnerability Detection and Patching appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

·

OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. “Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers

·

cyber security, Cyber Security News

Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecommerce websites stealthily. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can blend in with legitimate site functionality, making detection significantly harder. Once embedded into a compromised […]

The post Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶