1010.cx

1010.cx

/

Archive

/

Category: Cyber Security News

  • FreePBX SQL Injection Vulnerability Exploited to Modify The Database

    A critical SQL injection vulnerability in FreePBX has emerged as a significant threat to VoIP infrastructure worldwide, enabling attackers to manipulate database contents and achieve arbitrary code execution. FreePBX, a widely deployed PBX system built around the open-source Asterisk VoIP platform, provides organizations with web-based administrative capabilities for managing telecommunications infrastructure. The vulnerability, designated as […] The post FreePBX SQL Injection Vulnerability Exploited to Modify The Database appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data

    A new threat group calling itself Crimson Collective has emerged as a significant cybersecurity concern, targeting Amazon Web Services (AWS) cloud environments with sophisticated data exfiltration and extortion campaigns. The group has recently claimed responsibility for attacking Red Hat, asserting they successfully compromised and stole private repositories from Red Hat’s GitLab infrastructure. This development represents […] The post Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Hackers Actively Compromising Databases Using Legitimate Commands

    A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” operations. Unlike conventional ransomware that encrypts files using malicious binaries, threat actors are exploiting exposed database services by abusing standard database functionality to steal, wipe, and ransom critical data. The attack methodology represents […] The post Hackers Actively Compromising Databases Using Legitimate Commands appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances

    The notorious cybercriminal collective known as Scattered Lapsus$ Hunters has escalated their extortion campaign by launching a dedicated leak site to threaten organizations with the exposure of stolen Salesforce data. This supergroup, comprised of established threat actors including ShinyHunters, Scattered Spider, and Lapsus$, represents a sophisticated evolution in ransomware-as-a-service operations that targets one of the […] The post Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware

    In recent weeks, cybersecurity analysts have observed a resurgence of the Mustang Panda threat actor deploying a novel DLL side-loading approach to deliver malicious payloads. Emerging in June 2025, this campaign leverages politically themed lures targeting Tibetan advocacy groups. Victims receive a ZIP archive containing a decoy executable named Voice for the Voiceless Photos.exe alongside […] The post Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • 3 Steps to Beat Burnout in Your SOC and Solve Cyber Incidents Faster 

    Security teams are constantly on the move. Alerts never stop coming in, workloads keep piling up, and the pressure to react fast can wear anyone down. Add long investigations and a maze of tools on top of that, and burnout becomes almost inevitable.  Still, it doesn’t have to be this way. With the right approach, […] The post 3 Steps to Beat Burnout in Your SOC and Solve Cyber Incidents Faster  appeared first on Cyber Security News.

    ·

    ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Chinese Hackers Weaponized Nezha Tool to Execute Commands on Web Server

    A sophisticated cyberattack campaign, active since August 2025, where a China-nexus threat actor has been weaponizing a legitimate server operations tool called Nezha to execute commands and deploy malware on compromised web servers. This campaign, uncovered by Huntress, represents the first publicly reported instance of Nezha being abused in this manner, highlighting a tactical shift […] The post Chinese Hackers Weaponized Nezha Tool to Execute Commands on Web Server appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Top 10 Best Supply Chain Intelligence Security Companies in 2025

    In 2025, securing global supply chains is one of the top priorities for enterprises seeking business continuity, data integrity, and resilience against threats. As cyber risks, fraud, and disruption increase across physical and digital networks, leader…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Rethinking AI Data Security: A Buyer’s Guide for CISOs

    Generative AI has gone from a novelty to a foundation of organization efficiency in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, personnel now rely on these platforms to code, analyze, draft, and decide. But for CISOs and security architects, the very speed of adoption […] The post Rethinking AI Data Security: A Buyer’s Guide for CISOs appeared first on Cyber Security News.

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Top 10 Best Fraud Prevention Companies in 2025

    Fraud prevention has become one of the most important priorities for enterprises, financial institutions, and digital-first businesses in 2025. With rising cyber threats, account takeovers, synthetic identities, financial crimes, phishing, and social e…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶