• A secretive cybercrime group called UNC2891 has been quietly draining ATMs across Southeast Asian banks for years, using an ingenious combination of custom malware and hidden hardware. Recent research from Group-IB reveals how this financially motivated threat actor has maintained invisible access to dozens of banking systems since 2017, employing techniques that blend digital hacking […]

    The post UNC2891 Hackers Use Raspberry Pi and Fake Cards to Steal ATM Cash appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Microsoft has introduced a practical new feature in Windows 11 designed specifically for public-facing monitors and signage. This new mode ensures that the dreaded Blue Screen of Death (BSOD) and other disruptive error dialogs are hidden from view on non-interactive displays.

    Whether the machine is powering a digital restaurant menu, an airport flight schedule, or a billboard advertisement, this update prevents the embarrassment of public crash loops.

    The core functionality of this mode revolves around discretion. Once enabled, the operating system suppresses the standard behavior of displaying permanent error screens when a critical fault occurs.

    Instead of leaving a frozen blue screen visible to customers for hours, Windows attempts to handle the failure more gracefully behind the scenes.

    Diagnostic Recovery Behavior

    While hiding errors is crucial for aesthetics, technicians still need access to diagnostic information. Microsoft has implemented a clever workaround: when a critical system error or a recovery screen is required for diagnostics, Windows displays the error message for only 15 seconds.

    After this brief window, the screen will automatically turn off to conceal the issue. The display remains black until a technician interacts with the device using a keyboard or mouse, at which point the screen reactivates to allow for troubleshooting, Microsoft added.

    It is essential to distinguish this feature from Kiosk mode. This new setting does not replace Kiosk mode, which remains the correct solution for interactive public terminals where users need limited access to specific apps.

    This new “hide error” capability is strictly for passive displays where no user interaction is expected.

    System administrators can easily enable this feature through the standard Windows Settings app or by deploying a specific registry key across their fleet of devices, making it a simple but effective upgrade for digital signage management.

    The post Windows 11 to Hide BSOD Crash Errors on Public Displays appeared first on Cyber Security News.


  • The notorious Cl0p ransomware gang has publicly claimed responsibility for breaching Broadcom, a leading semiconductor and infrastructure software company. According to threat intelligence sources, the attackers exploited an unpatched zero-day vulnerability in Oracle E-Business Suite to gain initial access to the company’s systems. Security researchers have not independently verified the claim, though Broadcom has not […]

    The post Clop Ransomware Claims Broadcom Breach Through E-Business Suite 0-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Grafana Labs has released critical security patches addressing a severe vulnerability in its SCIM provisioning feature that could allow attackers to escalate privileges or impersonate users. The flaw, tracked as CVE-2025-41115 with a CVSS score of 10.0 (Critical), affects Grafana Enterprise versions 12.0.0 through 12.2.1 under specific configurations. Organizations using affected versions should update immediately […]

    The post Critical Grafana Flaw Lets Attackers Escalate Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, which alleged that the company had misled investors about the security practices that led to the 2020 supply chain attack. In a joint motion filed November 20, 2025, the SEC, along with SolarWinds and its CISO Timothy G. Brown, asked the court to voluntarily


  • Operation DreamJob, a longstanding North Korean cyberespionage campaign, has once again demonstrated its lethal effectiveness by targeting manufacturing organizations through deceptive job-related messages delivered via WhatsApp Web. In August 2025, Orange Cyberdefense’s CyberSOC and CSIRT investigated an intrusion targeting an Asian subsidiary of a large European manufacturing organization, revealing how threat actors leveraged social engineering […]

    The post Operation DreamJob Attacks on Manufacturing via WhatsApp Web appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Salesforce has identified unusual activity involving applications published by Gainsight that are connected to the Salesforce platform. The company’s investigation revealed that this suspicious activity resulted in unauthorized access to specific customer data stored in Salesforce environments. Upon discovery, Salesforce took immediate action to contain the incident. The affected applications were installed and managed directly […]

    The post Salesforce Confirms Customer Data Was Exposed in Gainsight Breach appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • The notorious Clop ransomware gang, also known as Graceful Spider, has listed Oracle Corporation on its dark web leak site, claiming to have successfully breached the technology giant’s internal systems. This alarming development represents a significant escalation in the group’s ongoing extortion campaign targeting a critical zero-day vulnerability in Oracle E-Business Suite (EBS), identified as […]

    The post Clop Ransomware Claims Oracle Breach Using E-Business Suite 0-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service that allows remote unauthenticated attackers to crash firewalls through denial-of-service attacks.

    The vulnerability was internally discovered and reported by SonicWall’s security team. The flaw, tracked as CVE-2025-40601, carries a CVSS score of 7.5 and affects multiple generations of SonicWall firewall products.

    Field | Value
    CVE ID | CVE-2025-40601
    CWE | CWE-121
    CVSS Score | 7.5 (High)
    CVSS Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    Understanding the Vulnerability

    The vulnerability exists in the SSLVPN service component of SonicOS and stems from a stack-based buffer overflow weakness (CWE-121).

    When exploited, an attacker can send specially crafted requests to the vulnerable SSLVPN interface without authentication, causing the affected firewall to crash and interrupting services.

    SonicWall states that this vulnerability only impacts devices with the SSLVPN interface or service enabled on the firewall. Organizations that do not use this feature remain unaffected.

    Currently, SonicWall PSIRT reports no active exploitation in the wild, and no proof-of-concept code has been publicly released.

    Platform | Models | Affected Versions | Fixed Version
    Gen7 Hardware Firewalls | TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700-6700, NSsp 10700-15700 | 7.3.0-7012 and older | 7.3.1-7013 and higher
    Gen7 Virtual Firewalls (NSv) | NSv270, NSv470, NSv870 (ESX, KVM, HYPER-V, AWS, Azure) | 7.3.0-7012 and older | 7.3.1-7013 and higher
    Gen8 Firewalls | TZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800-5800 | 8.0.2-8011 and older | 8.0.3-8011 and higher

    The vulnerability impacts both Gen7 and Gen8 SonicWall firewalls across hardware and virtual platforms.

    Gen7 devices running firmware versions 7.3.0-7012 and older are vulnerable, while Gen8 firewalls with versions 8.0.2-8011 and earlier are affected. SonicWall Gen6 firewalls and SMA 1000/100 series SSL VPN products are not impacted.

    SonicWall strongly urges organizations to update to the patched firmware versions immediately.

    Until patches can be applied, administrators should restrict SSLVPN access to trusted source IP addresses only or disable the service from untrusted internet sources by modifying existing access rules.

    The post SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely appeared first on Cyber Security News.


  • OpenAI has launched GPT-5.1-Codex-Max, a specialized coding model designed to handle complex development tasks autonomously.

    The new system represents a significant leap in agentic AI capabilities, enabling machines to work on coding projects with minimal human intervention. GPT-5.1-Codex-Max operates differently from general-purpose AI models.

    Built specifically for software engineering, the model features compaction technology that enables it to process millions of tokens in a single session.

    This breakthrough means developers can assign extensive refactoring projects, debugging sessions, and multi-hour agent loops to the AI, which completes them independently without losing context or coherence.

    Advanced Architecture Powers Independent Development

    The model can sustain work for extended periods.

    In internal testing, GPT-5.1-Codex-Max completed tasks running for over 24 hours, automatically managing its context window by compacting sessions when necessary.

    This capability transforms how teams approach large-scale code modernization and complex system maintenance. Performance benchmarks demonstrate substantial improvements over previous versions.

    On SWE-bench Verified evaluations, GPT-5.1-Codex-Max achieves 77.9% accuracy compared to 73.7% from its predecessor.

    More notably, the model uses 30% fewer thinking tokens while delivering superior results, directly translating to reduced computational costs for developers.

    Frontend design tasks showcase these efficiency gains effectively. GPT-5.1-Codex-Max produces high-quality interfaces with approximately 27,000 thinking tokens, compared to 37,000 for older models, while requiring fewer tool calls and generating more efficient code.

    The enhanced capabilities bring responsibility.

    OpenAI acknowledges that advanced coding models can, in theory, assist in cybersecurity attacks. However, the company states it hasn’t observed meaningful abuse at scale.

    The team has already disrupted cyber operations that attempted to misuse the model. GPT-5.1-Codex-Max runs in a secure sandbox by default.

    File operations remain confined to designated workspaces, and network access stays disabled unless explicitly enabled.

    OpenAI recommends keeping Codex restricted, as enabling internet connectivity introduces prompt injection vulnerabilities. The company advises developers to review all AI-generated code before deployment.

    Codex produces terminal logs and cites tool calls, reducing bug risks, but should complement rather than replace human code reviews.

    GPT-5.1-Codex-Max is now available through Codex for ChatGPT Plus, Pro, Business, Edu, and Enterprise subscribers. API access is coming soon.

    Internally, 95% of OpenAI’s engineers use Codex weekly, and adoption correlates with approximately 70% more pull requests shipped.

    The model represents progress toward reliable AI coding partners that enhance developer productivity while maintaining security standards.

    The post OpenAI Releases GPT-5.1-Codex-Max that Performs Coding Tasks Independently appeared first on Cyber Security News.
