1010.cx – Page 10 – cybersecurity / defense / intelligence

cPanel Vulnerability Exploited to Compromise Government and Military Servers

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical authentication bypass vulnerability in cPanel and Web Host Manager, officially tracked as CVE-2026-41940, is currently being exploited by unidentified threat actors. Security researchers at Ctrl-Alt-Intel recently uncovered an alarming campaign leveraging this vulnerability to compromise government and military organizations across Southeast Asia. The attackers managed to weaponize publicly available exploit code just days […]

The post cPanel Vulnerability Exploited to Compromise Government and Military Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Attackers Hijack SAP npm Packages to Steal Dev Secrets

·

cyber security, Cyber Security News

A sophisticated supply chain attack hit the SAP developer ecosystem on April 29, 2026, compromising four widely-used npm packages with credential-stealing malware. The attackers modified package installation scripts to download the Bun JavaScript runtime a legitimate alternative to Node.js during the npm install process. This technique bypasses Node.js-based security monitoring by executing an 11.6 MB […]

The post Attackers Hijack SAP npm Packages to Steal Dev Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
AI-Powered Threat Actors Accelerate 0-Day Discovery at Machine Speed

·

AI, cyber security, Cyber Security News

Threat actors are already using AI models as autonomous operators to discover and exploit 0‑days in minutes, thereby collapsing the time and cost required to run complex intrusion campaigns. This shift, first clearly visible in late 2025 operations, is forcing defenders to rethink detection, containment, and even how they define insider risk. Until 2025, attackers […]

The post AI-Powered Threat Actors Accelerate 0-Day Discovery at Machine Speed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Email Bombing, Fake IT Support Calls Drive Microsoft Teams Phishing Surge

·

cyber security, Cyber Security News, Phishing

Email bombing campaigns combined with fake IT support outreach are driving a surge in sophisticated Microsoft Teams phishing attacks. The attacks typically begin with email bombing, where victims are flooded with spam messages to create confusion and urgency. Shortly after, threat actors initiate contact via Microsoft Teams, impersonating internal IT support or helpdesk personnel. Posing […]

The post Email Bombing, Fake IT Support Calls Drive Microsoft Teams Phishing Surge appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
MOVEit Authentication Bypass Vulnerability Sparks Security Concerns

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

Progress Software has issued a critical security alert for its MOVEit Automation software. Two severe vulnerabilities have been discovered that could allow attackers to bypass authentication and escalate their privileges. Because of the critical nature of these flaws, administrators are urged to apply the latest security patches immediately to prevent unauthorized access and data exposure. […]

The post MOVEit Authentication Bypass Vulnerability Sparks Security Concerns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
FreeBSD Systems at Risk From DHCP Client RCE Vulnerability

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

The FreeBSD Project has issued a critical security advisory (FreeBSD-SA-26:12.dhclient) to address a severe Remote Code Execution (RCE) vulnerability in its default IPv4 DHCP client. Tracked as CVE-2026-42511, this flaw allows local network attackers to execute arbitrary code with root privileges. Discovered by Joshua Rogers of the AISLE Research Team, the vulnerability affects all supported […]

The post FreeBSD Systems at Risk From DHCP Client RCE Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Trellix Source Code Breach Exposes Repository to Unauthorized Access

·

cyber security, Cyber Security News, Data Breach

Leading cybersecurity firm Trellix has announced a security incident involving unauthorized access to a portion of its source code repository. The breach highlights a growing trend of threat actors targeting top-tier security vendors to uncover potential software vulnerabilities. The Breach and Immediate Response In a recent public statement, Trellix confirmed that a threat actor had […]

The post Trellix Source Code Breach Exposes Repository to Unauthorized Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
DigiCert Root Certificates Incorrectly Detected as Malware by Microsoft Defender

·

cyber security, Cyber Security News, Malware, Microsoft, vulnerability

On May 3, 2026, system administrators and everyday users worldwide experienced a sudden, massive spike in severe security alerts from Microsoft Defender. The native Windows security platform began aggressively flagging system files as “Trojan:Win32/Cerdigent.A!dha.” This unexpected detection caused widespread panic across IT departments, leading many professionals to believe a sophisticated threat actor had actively compromised […]

The post DigiCert Root Certificates Incorrectly Detected as Malware by Microsoft Defender appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

·

A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership with the U.S. Federal

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Paying Ransom Won’t Help as VECT 2.0 Ransomware Destroys Data Irreversibly

·

Check Point, Cyber Attack, Cyber Crime, Cyber-Attacks, cybersecurity, RaaS, Ransomware, Security, VECT, Windows

VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶