1010.cx – Page 3 – cybersecurity / defense / intelligence

Hackers Exploit Hidden Microsoft 365 Mailbox Rules to Steal Sensitive Business Emails

·

cyber security, Cyber Security News, Microsoft

Attackers are quietly abusing Microsoft 365 mailbox rules to steal emails, hide alerts, and maintain long-term access without installing malware. These stealthy tactics are increasingly common in business email compromise (BEC) campaigns targeting enterprise users worldwide. After gaining initial access often through phishing, password spraying, or compromised OAuth tokens attackers focus on persistence and stealth. […]

The post Hackers Exploit Hidden Microsoft 365 Mailbox Rules to Steal Sensitive Business Emails appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

·

Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one is rated Low in severity. Ninety-three of the flaws are

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Active HanGhost Loader Campaign Targets Enterprise Payment and Logistics Workflows

·

ANY.RUN, Cyber-Attacks, cybersecurity, HanGhost Loader, Logistics, Malware, Security

Active HanGhost Loader campaign targets enterprise payment and logistics workflows with fileless attacks, multi-stage execution, and stealthy malware delivery.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Agentic LLM Browsers Open New Front in Prompt Injection, Data Theft

·

cyber security, Cyber Security News

Agentic LLM browsers are turning everyday browsing into automated, AI-driven workflows but they also expose a powerful new attack surface for prompt injection and data theft. By letting an AI “drive” the browser with your full session, cookies, and permissions, old bugs like XSS now escalate into full agent hijack and cross-site compromise. Since the […]

The post Agentic LLM Browsers Open New Front in Prompt Injection, Data Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Warns of Actively Exploited SharePoint Server Zero-Day

·

CVE/vulnerability, cyber security, Cyber Security News, Microsoft, vulnerability

Microsoft issued an urgent security update addressing an actively exploited zero-day vulnerability in its SharePoint Server platform. The flaw, officially tracked as CVE-2026-32201, allows unauthenticated attackers to conduct network-based spoofing attacks. Because threat actors are already exploiting this weakness in the wild, system administrators must apply the available patches immediately to protect their corporate networks. […]

The post Microsoft Warns of Actively Exploited SharePoint Server Zero-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
FUNNULL Scam Network Resurfaces With 175+ Rotating Domains Worldwide

·

cyber security, Cyber Security News

FUNNULL-Linked Triad Nexus has quietly rebuilt its scam infrastructure, now rotating through more than 175 CNAME domains to keep a sprawling global fraud and brand‑impersonation network online. Following U.S. Treasury sanctions in May 2025 against FUNNULL Technology Inc., a core infrastructure provider behind the group, Triad Nexus has shifted to more mature operational security while […]

The post FUNNULL Scam Network Resurfaces With 175+ Rotating Domains Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenAI Introduces GPT-5.4 for Reverse Engineering, Vulnerability Discovery, and Malware Analysis

·

ChatGPT, cyber security, Cyber Security News, Malware, OpenAI, vulnerability, Vulnerability Analysis

OpenAI has officially launched GPT-5.4-Cyber, a specialized variant of its latest artificial intelligence model explicitly fine-tuned for defensive cybersecurity. Alongside this release, the organization is significantly scaling its Trusted Access for Cyber (TAC) program, providing verified security professionals with advanced capabilities to combat increasingly sophisticated digital threats. As threat actors rapidly adopt AI-driven techniques to […]

The post OpenAI Introduces GPT-5.4 for Reverse Engineering, Vulnerability Discovery, and Malware Analysis appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Ivanti Neurons for ITSM Vulnerabilities Let Remote Attackers Hijack User Sessions

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

Ivanti has issued a security advisory detailing two medium-severity vulnerabilities affecting its Neurons for IT Service Management (ITSM) platform. If left unpatched, these security flaws could allow remote authenticated attackers to compromise user sessions and maintain unauthorized access to corporate networks, even after their accounts have been deactivated by administrators. The vulnerabilities impact both on-premise […]

The post Ivanti Neurons for ITSM Vulnerabilities Let Remote Attackers Hijack User Sessions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
JanaWare Ransomware Hits Turkish Users via Customized Adwind RAT

·

cyber security, Cyber Security News, Ransomware

A new ransomware campaign dubbed “JanaWare”, leveraging a customized variant of the Adwind remote access Trojan (RAT) to target users in Turkey. The malware exhibits polymorphic behavior, advanced obfuscation, and strict geofencing controls to restrict activity to Turkish systems, signaling a focused and persistent operation. The JanaWare ransomware is distributed through phishing emails containing malicious Java archive (JAR) attachments. Once […]

The post JanaWare Ransomware Hits Turkish Users via Customized Adwind RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Fortinet Fixes 11 Security Flaws Affecting FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

Fortinet has recently released a comprehensive security update, patching 11 newly identified vulnerabilities across several of its core enterprise products. The security flaws affect critical infrastructure components, including FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager. Addressing these vulnerabilities is paramount for organizations relying on these solutions to maintain robust network security and prevent potential unauthorized access or […]

The post Fortinet Fixes 11 Security Flaws Affecting FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶