1010.cx – Page 18 – cybersecurity / defense / intelligence

SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks

·

cyber security, Cyber Security News, Phishing

A coordinated campaign of 23 seemingly legitimate Chrome extensions tracked as “SearchJack” has quietly hijacked the default search settings of roughly 758,000 users, routing queries through operator-controlled monetization middleware before returning results. At first glance the extensions promise useful features satellite imagery, productivity tools, news readers, maps but their true purpose is affiliate search monetization, […]

The post SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
SHADOWBYT3$ Allegedly Claims Nintendo Breach and Theft of Sensitive Data

·

cyber security, Cyber Security News, Data Breach

Threat intelligence sources have flagged a potential cybersecurity incident involving Nintendo after threat actor “SHADOWBYT3$” allegedly claimed responsibility for breaching internal systems and exfiltrating sensitive data. The claim surfaced on June 13, 2026, via underground monitoring channels and was later amplified by threat intelligence platform Hackmanac. At the time of writing, the incident remains unverified, […]

The post SHADOWBYT3$ Allegedly Claims Nintendo Breach and Theft of Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Palo Alto Warns GlobalProtect VPN Flaw Is Being Actively Exploited

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Palo Alto Networks has issued an urgent warning after confirming active exploitation of a GlobalProtect VPN vulnerability, tracked as CVE-2026-0257, impacting PAN-OS deployments with specific configurations. The flaw, which affects the GlobalProtect portal and gateway components, enables an authentication bypass that allows unauthenticated attackers to establish VPN sessions and potentially gain access to internal enterprise […]

The post Palo Alto Warns GlobalProtect VPN Flaw Is Being Actively Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
PromptSnatcher Browser Extensions Abuse AI Platforms to Capture Full Chat Conversations

·

AI, cyber security, Cyber Security News

PromptSnatcher (internal identifier: Panel 231) is a modern, stealthy data collection operation embedded inside two browser extensions that masquerade as ad‑blockers while harvesting full chat conversations and account metadata from major AI platforms. The extensions deliver genuine ad‑blocking and cookie‑banner suppression by ingesting legitimate public filter lists such as EasyList and I Don’t Care About […]

The post PromptSnatcher Browser Extensions Abuse AI Platforms to Capture Full Chat Conversations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

·

Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations. “These accounts promoted fake offers, including free mobile internet packages, financial compensation, and government subsidy programs,” Group-IB

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Russia-Aligned Hackers Exploit Old WinRAR Vulnerability to Target Ukrainian Organizations

·

cyber security, Cyber Security News, vulnerability

CVE-2025-8088, a WinRAR path traversal vulnerability patched in July 2025, remains a potent initial access vector for multiple intrusion sets targeting Ukraine. Analysis of attacks through April 2026 shows at least two distinct campaigns exploiting this vulnerability: a compiled-stealer chain attributed to an intrusion set we temporarily label SHADOW-EARTH-066 (tracked by CERT‑UA as UAC‑0226) and […]

The post Russia-Aligned Hackers Exploit Old WinRAR Vulnerability to Target Ukrainian Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

·

Palo Alto Networks has revealed that it has observed “active exploitation” of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw affecting the portal and gateway components of PAN-OS software that could be exploited by bad

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
APT37 Hackers Use NarwhalRAT Malware With MS-Themed Phishing and Dead-Drop C2

·

cyber security, Cyber Security News, Malware

APT37 is using NarwhalRAT in a tightly engineered intrusion chain that starts with Microsoft-themed spear-phishing, pivots through malicious LNK files and PowerShell, and ends with a Python-based backdoor with dead-drop C2 via pCloud. The campaign is notable for its layered tradecraft: social engineering, LOLBin abuse, scheduled-task persistence, in-memory execution, and selective data theft are all […]

The post APT37 Hackers Use NarwhalRAT Malware With MS-Themed Phishing and Dead-Drop C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Critical Wazuh Flaw Enables Threat Actors to Alter Alerts and Remove Logs

·

CVE/vulnerability, cyber security, Cyber Security News, PoC, vulnerability

A critical security flaw in Wazuh Manager could allow unauthenticated threat actors to tamper with alerts, delete forensic evidence, and execute arbitrary OpenSearch operations by exploiting an input validation weakness in the platform’s new inventory synchronization pipeline. Tracked under GitHub advisory GHSA-ff9g-85jq-r3g3, the vulnerability affects Wazuh Manager version 5.0.0-beta1 and carries a maximum CVSS score […]

The post Critical Wazuh Flaw Enables Threat Actors to Alter Alerts and Remove Logs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Threat Actor Malware Platform Exposed Through Unlocked PHP Installer Page

·

cyber security, Cyber Security News, PHP

A misconfigured PHP-based malware distribution platform has been exposed after a security researcher inadvertently gained administrative access via an unlocked installation page, highlighting critical operational security failures in the active threat actor’s infrastructure. The incident, documented on June 11, 2026, began with routine threat intelligence monitoring on X (formerly Twitter), where a suspicious software download […]

The post Threat Actor Malware Platform Exposed Through Unlocked PHP Installer Page appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶