1010.cx – Page 110 – cybersecurity / defense / intelligence

SAP Security Patch Day Fixes Critical Code Injection Flaw in SAP CRM and S/4HANA

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

SAP said the February 10, 2026 Patch Day delivered fixes across multiple SAP products and urged customers to apply patches with priority via the Support Portal to protect their SAP landscape. The highest-risk item highlighted this month is CVE-2026-0488, described as a code injection vulnerability affecting SAP CRM and SAP S/4HANA (Scripting Editor) and tracked […]

The post SAP Security Patch Day Fixes Critical Code Injection Flaw in SAP CRM and S/4HANA appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
TeamPCP Turns Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform

·

cyber security, Cyber Security News

TeamPCP, operating under aliases including PCPcat, ShellForce, and DeadCatx3, emerged in late 2025 as a cloud-native cybercrime operation that transforms misconfigured infrastructure into automated attack platforms. Unlike traditional malware groups, this threat actor doesn’t break into systems they walk through doors left open by exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell-vulnerable […]

The post TeamPCP Turns Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Socelars Malware Targets Windows Systems to Steal Sensitive Data

·

cyber security, Cyber Security News, Malware, Windows

Security researchers are tracking Socelars, an information-stealing Trojan aimed at Windows users that focuses on quietly harvesting browser-based access rather than damaging files. The malware is designed to collect authenticated session data and other system identifiers that can let attackers reuse a victim’s existing “logged-in” state to reach online services. Public reporting has linked Socelars to […]

The post Socelars Malware Targets Windows Systems to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
APT36 Targets Linux Systems With New Tools Designed to Disrupt Services

·

APT, cyber security, Cyber Security News, Linux

Critical infrastructure worldwide faces mounting threats from sophisticated, state-sponsored “espionage ecosystems.” These well-funded organizations deploy various tools designed to disrupt essential services and gather intelligence. Some launch denial-of-service (DDoS) attacks against transport hubs and supply chains. In contrast, others seek geopolitical advantage by mining sensitive information and bypassing traditional security measures. For over a decade, […]

The post APT36 Targets Linux Systems With New Tools Designed to Disrupt Services appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Pride Month Phishing Targets Employees via Trusted Email Services

·

Captcha, CryptoChameleon, Cyber-Attacks, cybersecurity, Fraud, HubSpot, MailChimp, Mimecast, Phishing, Phishing Scam, PoisonSeed, Pride Month, Privacy, SCAM, Scattered Spider, Security, SendGrid

Attackers are using Pride Month themed phishing emails to target employees worldwide, abusing trusted email platforms like SendGrid to harvest credentials.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Threat Actors Weaponize Bing Ads for Azure Tech Support Scams

·

Azure, cyber security, Cyber Security News

A sophisticated tech support scam campaign has emerged, exploiting malicious advertisements on Bing search results to redirect victims to fraudulent websites hosted on Microsoft’s Azure Blob Storage platform. The attack, first detected on February 2, 2026, affected users across 48 organizations in the United States within hours, demonstrating the effectiveness of weaponizing legitimate advertising channels […]

The post Threat Actors Weaponize Bing Ads for Azure Tech Support Scams appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
UNC1069 Targets Financial Firms With New Tools and AI-Driven Social Engineering Attacks

·

AI, cyber security, Cyber Security News

North Korean threat actor UNC1069 has escalated attacks against the cryptocurrency and decentralized finance (DeFi) sector using sophisticated AI-powered social engineering tactics and seven distinct malware families, according to a recent Mandiant investigation. The financially motivated group, active since 2018, deployed an unprecedented arsenal of tools, including newly discovered malware dubbed SILENCELIFT, DEEPBREATH, and CHROMEPUSH, […]

The post UNC1069 Targets Financial Firms With New Tools and AI-Driven Social Engineering Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security

·

January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates in security tools and making every alert

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
VoidLink Linux C2 Uses LLM-Generated Malware with Kernel-Level Stealth

·

cyber security, Cyber Security News, Malware

VoidLink represents a concerning evolution in malware development: a sophisticated Linux command-and-control framework that shows clear signs of being built with AI assistance. This Linux malware operates as a modular implant designed for long-term access to compromised systems. It doesn’t discriminate between cloud providers, actively harvesting credentials from AWS, Google Cloud Platform, Microsoft Azure, Alibaba Cloud, and […]

The post VoidLink Linux C2 Uses LLM-Generated Malware with Kernel-Level Stealth appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

·

SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company’s Chief Commercial Officer, Derek Curtis, said. “Prior to the breach, we had approximately 30 servers/VMs

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶