1010.cx

1010.cx

/

Archive

/

Category: Cyber Security News

  • American Airlines Subsidiary Envoy Compromised in Oracle Hacking Campaign

    Envoy Air, a wholly owned subsidiary of American Airlines, has confirmed it fell victim to a hacking campaign exploiting vulnerabilities in Oracle’s E-Business Suite (EBS). The breach, first highlighted by the notorious Clop ransomware group, underscores the growing risks facing enterprise software in the aviation sector. Clop, known for high-profile extortion schemes like the MOVEit […] The post American Airlines Subsidiary Envoy Compromised in Oracle Hacking Campaign appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft

    Threat actors are leveraging Microsoft Azure Blob Storage to craft highly convincing phishing sites that mimic legitimate Office 365 login portals, putting Microsoft 365 users at severe risk of credential theft. This method exploits trusted Microsoft infrastructure, making the attacks harder to spot as the fraudulent pages appear secured by official SSL certificates issued by […] The post New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards

    Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other serious offenses across the continent. The coordinated action, codenamed ‘SIMC…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Critical Zimbra SSRF Flaw Exposes Sensitive Data

    Zimbra has released an emergency security patch to address a critical Server-Side Request Forgery (SSRF) vulnerability that could allow attackers to access sensitive data through the platform’s chat proxy configuration. The flaw, classified as hi…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Microsoft Windows 11 October Update Disrupts Localhost (127.0.0.1) Connectivity

    Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security patch KB5066835, released on October 14, 2025, for OS Builds 26200.6899 and 26100.6899, h…

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • PoC Exploit Released for 7-Zip Vulnerabilities that Let Attackers Execute Arbitrary Code Remotely

    A proof-of-concept exploit for two critical vulnerabilities in the popular file archiver 7-Zip, potentially allowing attackers to execute arbitrary code remotely through malicious ZIP files. The flaws, tracked as CVE-2025-11001 and CVE-2025-11002, were disclosed by the Zero Day Initiative (ZDI) on October 7, 2025, and stem from improper handling of symbolic links during ZIP extraction […] The post PoC Exploit Released for 7-Zip Vulnerabilities that Let Attackers Execute Arbitrary Code Remotely appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Authorities Dismantle Cybercrime-as-a-Service Platform, Seize 40,000 Active SIM Cards

    An international law enforcement operation has dismantled a large-scale cybercrime-as-a-service network responsible for fueling thousands of online fraud cases across Europe. The operation, known as SIMCARTEL, took place on 10 October 2025 in Latvia and resulted in five arrests, the seizure of key infrastructure, and the disruption of a sophisticated online criminal marketplace. During coordinated […] The post Authorities Dismantle Cybercrime-as-a-Service Platform, Seize 40,000 Active SIM Cards appeared first on Cyber Security News.

    ·

    ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Critical Zimbra SSRF Vulnerability Let Attackers Access Sensitive Data

    A newly disclosed Server-Side Request Forgery (SSRF) flaw in Zimbra Collaboration Suite has raised major security concerns, prompting administrators to patch systems immediately. The issue, identified in the chat proxy configuration component, could allow attackers to gain unauthorized access to internal resources and sensitive user data. According to Zimbra’s latest advisory, this critical SSRF vulnerability […] The post Critical Zimbra SSRF Vulnerability Let Attackers Access Sensitive Data appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Microsoft Windows 11 October Update Breaks Localhost (127.0.0.1) Connections

    Microsoft’s October 2025 cumulative update for Windows 11 has disrupted localhost functionality, preventing developers and users from accessing local web applications and services via 127.0.0.1. The issue, tied to update KB5066835 released on October 14, affects builds like 26100.6899 and has sparked widespread complaints on forums, including Microsoft’s support pages, Stack Overflow, and Server Fault. […] The post Microsoft Windows 11 October Update Breaks Localhost (127.0.0.1) Connections appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Hackers Using TikTok Videos to Deploy Self-Compiling Malware That Leverages PowerShell for Execution

    Cybercriminals are exploiting TikTok’s massive user base to distribute sophisticated malware campaigns that promise free software activation but deliver dangerous payloads instead. The attack leverages social engineering tactics reminiscent of the ClickFix technique, where unsuspecting users are tricked into executing malicious PowerShell commands on their systems. Victims encounter TikTok videos offering free activation of popular […] The post Hackers Using TikTok Videos to Deploy Self-Compiling Malware That Leverages PowerShell for Execution appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶