1010.cx – Page 120 – cybersecurity / defense / intelligence

New Wave of Odyssey Stealer Targets macOS Users in Active Cyberattack Campaign

·

Cyber Attack, cyber security, Cyber Security News, macOS

A significant surge in Odyssey Stealer activity is currently targeting macOS users across multiple continents, with recent telemetry data revealing a dramatic geographic expansion of this sophisticated information-stealing campaign. Security researchers have observed newly updated malware samples spreading rapidly beyond their initial focus areas, now affecting users in the United Kingdom, Germany, Italy, Canada, Brazil, […]

The post New Wave of Odyssey Stealer Targets macOS Users in Active Cyberattack Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
APT-Q-27 Launches Stealthy Attacks on Corporate Networks, Evades Detection

·

APT, cyber security, Cyber Security News

A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as APT-Q-27, or “GoldenEyeDog”. The attack began with a common, everyday task: a customer support agent clicking a link in a support […]

The post APT-Q-27 Launches Stealthy Attacks on Corporate Networks, Evades Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Alerts Exploited React Native Community Security Flaw

·

CVE/vulnerability, cyber security, Cyber Security News, React, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is an Operating System (OS) command injection flaw that poses severe risks to development environments, particularly those running on Windows infrastructures. The addition to the KEV […]

The post CISA Alerts Exploited React Native Community Security Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CentOS 9 Security Flaw Enables Privilege Escalation – PoC Released

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded first place in the Linux category at the TyphoonPWN 2025 hacking competition. A Proof-of-Concept (PoC) exploit has […]

The post CentOS 9 Security Flaw Enables Privilege Escalation – PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach

·

cyber security, Cyber Security News, Phishing, Vulnerabilities

Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send […]

The post Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access

·

cyber security, Cyber Security News, Windows

A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based […]

The post Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

·

Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched on Thursday, comes with improved coding skills, including code review and debugging capabilities, along

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in recent ransomware campaigns. This addition mandates that Federal Civilian Executive Branch (FCEB) agencies remediate the […]

The post CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Spam Campaign Distributes Fake PDFs, Deploys Remote Monitoring Tools for Ongoing Access

·

cyber security, Cyber Security News

An ongoing spam campaign that leverages social engineering to deploy legitimate Remote Monitoring and Management (RMM) software on victim networks. By disguising malicious payloads as essential Adobe Acrobat updates, threat actors are successfully bypassing traditional security controls and establishing persistent remote access to sensitive systems. The campaign begins with a deceptive email delivering a PDF […]

The post Spam Campaign Distributes Fake PDFs, Deploys Remote Monitoring Tools for Ongoing Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Betterment Data Breach Exposes Sensitive Information of 1.4 Million Customers

·

cyber security, Cyber Security News, Data Breach, vulnerability

Automated investment platform Betterment has confirmed a data breach affecting approximately 1.4 million customers. The incident, which occurred in January 2026, was the result of a targeted social engineering attack rather than a direct exploit of the company’s core infrastructure. The breach sequence began on January 9, 2026. According to Betterment’s forensic investigation, unauthorized actors […]

The post Betterment Data Breach Exposes Sensitive Information of 1.4 Million Customers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶