1010.cx – Page 29 – cybersecurity / defense / intelligence

Tax Phishing Emails Deliver In-Memory Malware to Windows Systems

·

cyber security, Cyber Security News, Malware, Phishing

Cybercriminals are leveraging tax-themed phishing emails to deploy sophisticated in-memory malware on Windows systems, bypassing traditional disk-based detection mechanisms. The attack cascade begins when victims receive phishing emails containing malicious attachments disguised as official tax documents, W-2 forms, or rejected tax form notifications from legitimate entities like Intuit QuickBooks or HM Revenue & Customs. When […]

The post Tax Phishing Emails Deliver In-Memory Malware to Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

·

Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63 privilege escalation, 56 remote code execution, 30 information disclosure, 27 spoofing, 20 security

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft June 2026 Patch Tuesday Fixes 206 Flaws and 3 Zero-Days

·

0day, cybersecurity, Microsoft, Patch Tuesday, Security, vulnerability, Windows

Microsoft’s June 2026 patch Tuesday resolves 206 vulnerabilities, including 3 critical zero-days and severe 9.8 CVSS kernel, network and HTTP.sys flaws.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Malicious npm Package ‘dbmux’ Targets Developers

·

cyber security, Cyber Security News

Malware was discovered in the npm package dbmux. Any computer with this package installed or running should be considered fully compromised. The GitHub Advisory (GHSA-62wx-5f55-w8g2) characterizes the incident as severe: any machine with dbmux installed or executing it should be treated as fully compromised. The advisory and subsequent analysis indicate the malicious code provides attackers […]

The post Malicious npm Package ‘dbmux’ Targets Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Windows BitLocker 0-Day Flaw Enables Security Feature Bypass Attacks

·

cyber security, Cyber Security News, vulnerability, Windows, Zero-Day, zeroday

Microsoft has disclosed a newly identified zero-day vulnerability in Windows BitLocker that could allow attackers to bypass one of the operating system’s core disk encryption protections. The flaw, tracked as CVE-2026-50507, has been classified as an “Important” severity issue and highlights weaknesses in the enforcement of authentication within the BitLocker security framework. Windows BitLocker 0-Day […]

The post Windows BitLocker 0-Day Flaw Enables Security Feature Bypass Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Windows Defender Zero-Day “RoguePlanet” Lets Attackers Gain SYSTEM Privileges

·

cyber security, Cyber Security News, vulnerability, Windows, Zero-Day

A newly disclosed zero-day vulnerability dubbed “RoguePlanet” is affecting Microsoft Defender, allowing attackers to escalate privileges and obtain full SYSTEM-level access on vulnerable Windows machines. A security researcher recently published the issue under the alias “MSNightmare,” who released a proof-of-concept (PoC) exploit on GitHub. The vulnerability appears to affect both Windows 10 and Windows 11 […]

The post Windows Defender Zero-Day “RoguePlanet” Lets Attackers Gain SYSTEM Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

·

On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but by a layer of safety classifiers. Fable 5 goes to the public. Its twin, Claude Mythos 5, the same underlying model with the cyber safeguards lifted, stays locked to a vetted group of cyber

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenClaw AI Agent Leaks Credentials in Phishing Simulation

·

cyber security, Cyber Security News, Phishing

Autonomous email agents can become high‑impact phishing victims, leaking cloud credentials and sensitive business data even when wrapped in explicit safety instructions. In a controlled lab deployment on the OpenClaw agent platform, an AI agent dubbed “Pinchy” failed multiple classic phishing simulations, including one in which it forwarded AWS IAM keys, database passwords, and SSH […]

The post OpenClaw AI Agent Leaks Credentials in Phishing Simulation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

·

ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June 5, 2026, ServiceNow applied a security update to hosted customer instances,” the company revealed in an advisory that requires customer access. “The update concerned a security issue that could allow an unauthenticated user, in

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Patch Tuesday June 2026 Fixes 198 Vulnerabilities, Including 3 Zero-Days

·

cyber security, Cyber Security News, Microsoft, Windows

Microsoft’s June 2026 Patch Tuesday fixes 198 vulnerabilities across Windows, Office, Azure and other Microsoft products, including three zero‑day flaws that were exploited or publicly disclosed before patches were available. Security teams should fast‑track deployment of BitLocker and HTTP.sys, Remote Desktop, Hyper‑V, and core identity components such as Kerberos and Active Directory. Microsoft’s June 9, […]

The post Microsoft Patch Tuesday June 2026 Fixes 198 Vulnerabilities, Including 3 Zero-Days appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶