1010.cx

1010.cx

/

Archive

/

Category: Cyber Security News

  • Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed

    Cornwell Quality Tools, a leading automotive and industrial tool supplier, has confirmed a significant data breach that compromised the personal information of 103,782 individuals. The cybersecurity incident occurred on December 12, 2024, when unauthor…

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Microsoft Teams Introduces Automatic Alerts for Malicious Links from Attackers

    Microsoft to enhance security for its Teams platform by automatically warning users about malicious links in chat messages. The new feature, part of Microsoft Defender for Office 365, is designed to protect users from phishing, spam, and malware attacks by flagging potentially harmful URLs shared in both internal and external conversations. The update will begin […] The post Microsoft Teams Introduces Automatic Alerts for Malicious Links from Attackers appeared first on Cyber Security News.

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Top 10 Best Mobile Application Penetration Testing Services in 2025

    Mobile Application Penetration Testing is a critical cybersecurity service in 2025, focusing on a unique and rapidly evolving attack surface. These tests go beyond static code analysis to assess an app’s runtime behavior, server-side interactions…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Top 10 Best Cloud Penetration Testing Companies in 2025

    Cloud is the foundation of modern business, but it comes with a complex and evolving security landscape. Traditional penetration testing, which focuses on on-premise networks and applications, is not sufficient to secure these dynamic environments. Clo…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Top 10 Best Penetration Testing as a Service (PTaaS) Companies in 2025

    Penetration Testing as a Service (PTaaS) is a modern approach to offensive security that combines the best of human-led penetration testing with the efficiency of an automated platform. Unlike traditional, project-based penetration tests, a PTaaS model…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • PhishKit Evasion Tactics: What You Need to Pay Attention to Right Now 

    Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits like Tycoon 2FA regularly evolve with new tricks added to their arsenal. They slip past defenses and compromise companies, demonstrating great adaptivity in modern cyber threats.  Let’s review three key evasion techniques of Tycoon 2FA […] The post PhishKit Evasion Tactics: What You Need to Pay Attention to Right Now  appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs

    A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal sensitive data, like cryptographic keys, directly from its host system. The vulnerability, identified as CVE-2025-40300, affects a wide range of modern processors, including all current generations of AMD Zen (1 through 5) and Intel’s Coffee […] The post New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Threat Actors Leveraging Open-Source AdaptixC2 in Real-World Attacks

    In early May 2025, security teams began observing a sudden rise in post-exploitation activity leveraging an open-source command-and-control framework known as AdaptixC2. Originally developed to assist penetration testers, this framework offers a range of capabilities—file system manipulation, process enumeration, and covert channel tunneling—that have now been adopted by malicious actors. The framework’s modular design and […] The post Threat Actors Leveraging Open-Source AdaptixC2 in Real-World Attacks appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • L7 DDoS Botnet Hijacked 5.76M Devices to Launch Massive Attacks

    In early March 2025, security teams first observed an unprecedented L7 DDoS botnet targeting web applications across multiple sectors. The botnet, rapidly expanding from an initial 1.33 million compromised devices, employed HTTP GET floods to exhaust server resources and circumvent traditional rate limiting. By mid-May, the threat escalated as the botnet grew to 4.6 million […] The post L7 DDoS Botnet Hijacked 5.76M Devices to Launch Massive Attacks appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Lessons from Salesforce/Salesloft Drift Data Breaches – Detailed Case Study

    The Salesloft Drift data breaches of August 2025 stand as one of the most significant supply chain attacks in SaaS history, demonstrating how a single compromised integration can cascade into widespread organizational exposure. This sophisticated campaign, staged by the threat actor UNC6395, exploited OAuth token vulnerabilities to access sensitive data from over 700 organizations, including […] The post Lessons from Salesforce/Salesloft Drift Data Breaches – Detailed Case Study appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶