cybersecurity – 1010.cx

Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities

Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities.

·

0day, Amazon, APT44, AWS, Curly COMrades, Cyber Attack, Cyber Crime, cybersecurity, GRU, Malware, Russia, Sandworm, Seashell Blizzard, Security, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices

A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw.

·

cybersecurity, JumpCloud, Microsoft, Security, vulnerability, Windows

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
700Credit Data Breach Impacts Millions of Car Owners

US auto loan service 700Credit confirms a data breach exposed names, addresses, and Social Security numbers of dealership customers. Free credit monitoring is offered.

·

700Credit, Cyber Attack, Cyber-Attacks, cybersecurity, Data Breach, Fintech, Privacy, Security

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware

A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…

·

cybersecurity, Fraud, GitHub, Malware, React2Shell, SCAM, Scams and Fraud, Security, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records

Cybersecurity researchers discovered an unsecured 16TB database exposing 4.3 billion professional records, including names, emails, and LinkedIn data. Learn what happened, why this massive data leak enables new scams, and how to protect your PII.

·

Business, Cloud Server, cybersecurity, database, Leads, Leaks, LinkedIn, MongoDB, Privacy, Security

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices

New report by Unit 42 reveals the Hamas-linked Ashen Lepus (WIRTE) group is using the AshTag malware suite to target Middle Eastern diplomatic and government entities with advanced, hidden tactics.

·

Ashen Lepus, AshTag, Cyber Attack, Cyber Espionage, cybersecurity, Hamas, Malware, Middle East, Palestine, Palo Alto Networks, Security

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Coupang CEO Steps Down After Data Breach Hits 33.7 Million Users

South Korean e-commerce giant Coupang faces intense scrutiny after CEO Park Dae-jun resigns over a data breach that exposed 33.7 million customer accounts. Read about the police raids, US lawsuit, and regulatory orders from PIPC.

·

Coupang, Cyber Attack, cybersecurity, Data Breach, Privacy, Security, South Korea

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React…

·

CISA, Criminal IP, Cyber Attack, cybersecurity, News, Press Release, RCE, React2Shell, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
UK’s ICO Fine LastPass £1.2 Million Over 2022 Security Breach

UK’s ICO fines LastPass £1.2M for the 2022 data breach that exposed 1.6 million users’ data. Learn how a flaw in an employee’s personal PC led to the massive security failure.

·

cybersecurity, GDPR, ICO, Lastpass, Password, Password manager, Privacy, Security, UK, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Fake Microsoft Teams and Google Meet Downloads Spread Oyster Backdoor

The Oyster backdoor (also known as Broomstick) is targeting the financial world, using malicious search ads for PuTTY, Teams, and Google Meet.

·

backdoor, Broomstick, CleanUpLoader, Cyber Attack, CyberProof, cybersecurity, Google Meet, Malvertising, Malware, Microsoft Teams, Oyster, PuTTY, Security, SEO Poisoning, WinSCP

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

Category: cybersecurity