1010.cx

1010.cx

/

Archive

/

Category: cyber security

  • Threat Actors Weaponizing Facebook Ads with Free TradingView Premium App Lures That Delivers Android Malware

    Cybersecurity researchers have uncovered a sophisticated malvertising campaign on Meta’s Facebook platform in recent weeks that targets Android users with promises of a free TradingView Premium application. These deceptive ads mimic official TradingView branding and visuals, luring unsuspecting victims to download what appears to be a legitimate APK. Once installed, however, the app unleashes a […] The post Threat Actors Weaponizing Facebook Ads with Free TradingView Premium App Lures That Delivers Android Malware appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • 15 Best Identity & Access Management Solutions (IAM) in 2025

    Effective Identity Management Solutions have become paramount in today’s interconnected world, where individuals interact with various online platforms and services. Identity management solutions refer to the processes, technologies, and policies implemented to ensure secure and appropriate access to digital resources while protecting the privacy of individuals.  The management of user authentication has evolved significantly over […] The post 15 Best Identity & Access Management Solutions (IAM) in 2025 appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Popular Nx Packages Compromised by Credential-Stealing Malware

    A widespread supply chain attack on the popular Nx build system has compromised dozens of high-traffic packages, exposing sensitive credentials and demonstrating a frighteningly comprehensive approach to future threats. Security researchers have confir…

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • New Research With PoC Explains Security Nightmares On Coding Using LLMs

    Security researchers have uncovered significant vulnerabilities in code generated by Large Language Models (LLMs), demonstrating how “vibe coding” with AI assistants can introduce critical security flaws into production applications.  A new study reveals that LLM-generated code often prioritizes functionality over security, creating attack vectors that can be exploited with simple curl commands. Key Takeaways1. LLM-generated […] The post New Research With PoC Explains Security Nightmares On Coding Using LLMs appeared first on Cyber Security News.

    ·

    ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Microsoft Teams Abused in Cyberattack Delivering PowerShell-Based Remote Access Malware

    In a concerning development for enterprise security, cybercriminals have begun exploiting Microsoft Teams—long trusted as an internal messaging and collaboration tool—to deliver PowerShell-based malware and gain unauthorized remote access to Windows sy…

    ·

    , , , , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • TransUnion Data Breach Compromises Over 4 Million Customers

    In a significant data breach disclosed by TransUnion LLC, more than 4.4 million consumers had sensitive personal information compromised in late July 2025. The credit reporting agency, headquartered at 555 W. Adams Street in Chicago, Illinois, revealed…

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • How Adversary-In-The-Middle (AiTM) Attack Bypasses MFA and EDR?

    Adversary-in-the-Middle (AiTM) attacks are among the most sophisticated and dangerous phishing techniques in the modern cybersecurity landscape. Unlike traditional phishing attacks that merely collect static credentials, AiTM attacks actively intercept and manipulate communications between users and legitimate services in real-time, enabling attackers to bypass multi-factor authentication (MFA) and evade endpoint detection and response (EDR) systems. […] The post How Adversary-In-The-Middle (AiTM) Attack Bypasses MFA and EDR? appeared first on Cyber Security News.

    ·

    , , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input

    A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and compromise server security.  The vulnerability, tracked as CVE-2025-54370, affects multiple versions of the phpoffice/phpspreadsheet package and carries a CVSS v4.0 score of 8.7. Key Takeaways1. SSRF in PhpSpreadsheet’s Worksheet\Drawing::setPath via […] The post PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Nagios XSS Vulnerability Let Remote Attackers to Execute Arbitrary JavaScript

    Nagios XI, a widely-deployed network monitoring solution, has addressed a critical cross-site scripting (XSS) vulnerability in its Graph Explorer feature that could enable remote attackers to execute malicious JavaScript code within users’ browsers.  The security flaw was patched in version 2024R2.1, released on August 12, 2025, following responsible disclosure by security researcher Marius Lihet. Key […] The post Nagios XSS Vulnerability Let Remote Attackers to Execute Arbitrary JavaScript appeared first on Cyber Security News.

    ·

    , , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • New Mac Malware Dubbed ‘JSCoreRunner’ Weaponizing PDF Conversion Site to Deliver Malware

    A sophisticated new Mac malware campaign has emerged, targeting users through a deceptive PDF conversion website that conceals a dangerous two-stage payload. The malware, dubbed “JSCoreRunner,” represents a significant evolution in macOS threats, demonstrating how cybercriminals are adapting their techniques to bypass Apple’s security measures while maintaining zero detection rates on major security platforms. The […] The post New Mac Malware Dubbed ‘JSCoreRunner’ Weaponizing PDF Conversion Site to Deliver Malware appeared first on Cyber Security News.

    ·

    , ,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶