1010.cx

  • Hackers Use ClickFix Chain to Deploy MLTBackdoor Malware

    ·

    , ,

    A sophisticated new backdoor family, tracked as MLTBackdoor, that operators are deploying through a multi-stage ClickFix infection chain to establish footholds for ransomware and follow-on activity. The campaign begins with an automotive-themed ClickFix lure: when a victim copies, pastes, and executes the supplied commands, a compressed archive fetched from a DGA-generated domain drops two artifacts […]

    The post Hackers Use ClickFix Chain to Deploy MLTBackdoor Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

    ·

    The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet. “The exploit is a race condition, so it’s a hit or miss,” the researcher, who published the exploit under a new GitHub account, “MSNightmare” said. “I have managed to get a 100% success rate on

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Critical Veeam Flaw Could Let Attackers Execute Code on Backup Servers

    ·

    , , ,

    A critical remote code execution vulnerability in Veeam Backup & Replication could allow attackers to compromise backup infrastructure, posing significant risks to enterprise environments that depend on the platform for data protection and recovery. Veeam has disclosed the vulnerability as CVE-2026-44963, assigning it a CVSS v4 score of 9.4, which classifies it as critical. According […]

    The post Critical Veeam Flaw Could Let Attackers Execute Code on Backup Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Hackers Use TikTok and Instagram Reels to Push Fake Software Malware

    ·

    , , , ,

    An emerging phishing vector that weaponizes short-form social videos on TikTok and Instagram Reels to distribute malware and funnel victims to malicious download sites. Attackers publish polished “how-to” tutorials and casual user-style clips promising free premium software Spotify Premium, CapCut Pro, etc. to entice clicks, comments, and ultimately execution of commands or downloads that deliver […]

    The post Hackers Use TikTok and Instagram Reels to Push Fake Software Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Fortinet FortiSandbox Vulnerability Lets Attackers Execute Unauthorized Commands

    ·

    , , ,

    Fortinet has disclosed a critical vulnerability in its FortiSandbox product that could allow attackers to execute unauthorized commands without authentication, raising significant concerns for enterprises that rely on sandboxing for malware analysis. Tracked as CVE-2026-25089, the flaw is classified as an OS command injection vulnerability (CWE-78). It carries a CVSS v3 score of 9.1, indicating […]

    The post Fortinet FortiSandbox Vulnerability Lets Attackers Execute Unauthorized Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

    ·

    Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks. “In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Google Issues Urgent Chrome Security Update for Exploited Zero-Day Flaw

    ·

    , , , ,

    Google has released an urgent security update for its Chrome browser, addressing multiple vulnerabilities, including a zero-day flaw actively exploited in the wild. The update upgrades Chrome to version 149.0.7827.102/.103 on Windows and Mac, and to 149.0.7827.102 on Linux. The tech giant confirmed that the zero-day vulnerability, tracked as CVE-2026-11645, involves an out-of-bounds memory access […]

    The post Google Issues Urgent Chrome Security Update for Exploited Zero-Day Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • ‘A terrible risk’: Senate appropriators dim prospects of another defense reconciliation bill

    ·

    Congress is unlikely to approve a third multi-hundred-billion-dollar budget maneuver to pad the Trump administration's defense spending, Senate Republicans said Tuesday.

    The occasion was a hearing of the Senate Appropriations Committee’s defense panel, where Air and Space Force leaders were testifying on the 2027 budget proposal. The committee chair, Sen. Susan Collins, R-Maine, noted that some of their services’ top initiatives, such as F-35 modernization, are not part of the Trump administration’s $1.15 trillion baseline budget request. 

    Instead, the White House is asking Congress to pass a $350 billion appropriation through reconciliation, a process for “mandatory” government spending that only requires a simple majority to pass. 

    “I would just suggest that it is taking a terrible risk and creates instability when you're counting on a third reconciliation bill for the bulk of the money rather than doing base funding through the defense appropriations bill,” Collins said. 

    Added Sen. Mitch McConnell, R-Ky, chair of the defense subcommittee: “I think it's safe to conclude there will not be another reconciliation bill. So, it's really not an option.” 

    Collins agreed. 

    More than $150 billion in defense spending was signed into law last July 4 under the first reconciliation package, known as Trump’s One Big Beautiful Bill Act. On Tuesday, House Republicans passed “Reconciliation 2.0”, which would provide $70 billion for the administration’s immigration-enforcement agencies, but does not include defense funding.

    But there are still top-priority efforts that the administration wants to fund through reconciliation including Golden Dome, shipbuilding, and munitions

    The House Armed Services Committee completed its markup of its version of the annual defense policy bill last week. That version didn’t adjust the baseline in a substantial way to cover those reconciliation priorities, but top staffers said they were confident the additional funding would be secured. 

    The White House budget office anticipates that baseline defense budgets will rise from $1.15 trillion to $1.36 trillion over the next decade. It has not published plans for additional reconciliation funding after 2027. 

    Sen. Tammy Baldwin, D-Wis., added that she was also “very concerned” that the Defense Department was relying on reconciliation for top priorities.

    When Sen. John Hoeven, R-N.D., asked whether a supplemental bill would be crucial if reconciliation isn’t passed, Air Force Secretary Meink responded that it’s “vital” that the services get their fully-funded budget request. He added the Pentagon and the White House’s Office of Management and Budget are working “on options.”

    Sen. John Kennedy, R-La., said, “The Democrats have no intention of helping us pass a budget,” meaning the government could face another shutdown that would force the military to operate under a continuing resolution

    Meink said that would harm the Air and Space Force.

    “That would have significant impacts on our readiness,” Meink said. “A lot of the investments we’ve just been talking about to meet the threats from the unmanned vehicles, as well as the increased readiness for weapons systems, to increase the F-35 readiness, as well as munitions procurement, all of that is substantially impacted.”

    Kennedy said the Air Force and Space Force should expect another continuing resolution.

    “Well, I think you should prepare for it,” the lawmaker said. “Again, I hope I'm wrong.”

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A Record-Breaking Patch Tuesday for June 2026

    ·

    , , , , , , , , , , , , , , ,

    Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available.

    The software giant said in a blog post last month that both its engineers and the security community are increasing using artificial intelligence tools to find bugs, meaning this month’s heavy Patch Tuesday may start to become the norm, said Satnam Narang, senior staff research engineer at Tenable.

    “Some surveys put AI usage among security professionals generally at 90%, so it’s unsurprising that this volume of patches may be the norm,” Narang said. “Pandora’s proverbial box has been opened, and as more advanced AI models become available, we expect the norm to continue upward across the board, not just for Patch Tuesday.”

    June’s zero-day bugs include CVE-2026-49160, a denial of service vulnerability affecting a range of web servers, including Microsoft Internet Information Services (IIS). Microsoft says the flaw was reported by OpenAI’s Codex.

    Two of the zero-days addressed this month appear to stem from recent vulnerability disclosures by Nightmare Eclipse, the nickname chosen by a security researcher who has been dropping exploits for various Windows flaws. One of those, dubbed “GreenPlasma,” leverages an elevation of privilege weakness in the Windows Collaborative Translation Framework, the same framework patched today in CVE-2026-45586.

    Nightmare Eclipse also last month released “YellowKey,” an exploit for a Windows BitLocker vulnerability that allows an attacker with physical access to view encrypted data, and CVE-2026-50507 is a patch for an elevation of privilege bug in BitLocker.

    Microsoft received heavily blowback on social media last month after it said in a blog post that it was considering taking legal action against the security researcher. The company later clarified on Twitter/X that while it has no intention of pursuing legal actions against researchers, it would report them to authorities if they break the law. The advisories for CVE-2026-49160 and CVE-2026-50507 do not credit any researchers in the acknowledgement section, saying only that “Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.”

    Nightmare Eclipse claims to be a former employee of Microsoft, although Microsoft has not responded to questions about this claim. Rapid7 notes that a recent blog post by Nightmare Eclipse included an image of Albert Vesker, a character from the Resident Evil video game series who formerly worked as a researcher for a technology company before going rogue.

    Nightmare Eclipse has pledged to release even more zero-day exploits for Windows in what they called a “bone shattering” drop planned for July 14 (the same day as next month’s Patch Tuesday). Immediately following the release of Microsoft patches today, the researcher published an exploit for what they claimed was a zero-day bug in Windows Defender.

    While 200 vulnerabilities may be a record for Patch Tuesday, the actual number of security flaws Microsoft addressed this month is far higher, said Rapid7’s Adam Barnett.

    “So far this month, Microsoft has provided patches to address 360 browser vulnerabilities, which is an order of magnitude more than has been typical in any given month over the past few years,” Barnett wrote. “As usual, browser [flaws] are not included in the Patch Tuesday count above. Indeed, the vast, and presumably sustained, uptick in the number of browser vulnerabilities has led to Microsoft no longer enumerating Chromium CVEs in the Security Update Guide.”

    Microsoft also patched a zero-day vulnerability in Visual Studio Code that allows attackers to steal GitHub tokens with a single click. The company was forced to push a stopgap fix for the flaw on June 3, after a researcher published instructions showing how to exploit it. The researcher said they opted not to work with Microsoft because of a recent experience wherein Redmond silently patched a flaw they reported without offering credit or recognition.

    Microsoft battled its own internal zero-day emergencies last week, after at least 72 of the company’s public code repositories were infected with a variant of the Shai-Hulud worm. Researchers found that all of the affected packages were connected to Microsoft official Azure Durable Task SDK, which got hit by the same Shai-Hulud worm in May.

    Other major software makers are also shipping outsized update bundles this month. Adobe has released updates to fix a massive number of critical vulnerabilities across a range of products, including Adobe Experience Manager, Acrobat Reader and Cold Fusion. On June 3, Google resolved a whopping 429 vulnerabilities in its latest Chrome browser update (Chrome automatically downloads updates but installing them usually requires a complete restart of the browser).

    As ever, please consider backing up your data before applying operating system updates, and drop a note in the comments if you run into any problems with this month’s patches.

    Further reading:

    Microsoft’s Security Update Guide

    Action1’s Patch Tuesday breakdown

    SANS Internet Storm Center notes on Patch Tuesday

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • New calls for lawmakers to override Trump’s anti-union EO at the Pentagon

    ·

    The nation’s largest federal employee union last week urged House lawmakers to once again bar the Defense Department from implementing President Trump’s executive order stripping two-thirds of the federal workforce of its collective bargaining rights.

    In March 2025, Trump signed an executive order banning unions at most federal agencies, citing a seldom-used provision of the 1978 Civil Service Reform Act to exempt workforces from federal sector labor law under the auspices of national security. A second order, signed last August, added a half-dozen more agencies to the initial edict.

    The measure—and its implementation—have been tied up in a myriad of court cases ever since. While efforts lawsuits challenging the initiative governmentwide have been thus far unsuccessful in halting its rollout, some unions have preserved feds’ collective bargaining rights at particular agencies, including for Defense Department employees represented by the International Federation of Professional and Technical Engineers and the Federal Education Association.

    Not so for the American Federation of Government Employees, whose contracts Defense Secretary Pete Hegseth ordered terminated in April. In a letter to the top Democrat and Republican on the House Armed Services Committee last week, Daniel Horowitz, AFGE’s legislative director, urged the committee to once again approve a proposal nullifying Trump’s executive order as it pertains to Defense Department workers.

    Last year, the panel voted on a bipartisan basis to include the amendment, proposed by Rep. Donald Norcross, D-N.J., in the 2026 National Defense Authorization Act, and the bill ultimately passed the House with the measure in tact. It did not become law, as the Senate stripped the provision from its version of the bill.

    In the letter, Horowitz argued that Trump’s use of the Civil Service Reform Act’s so-called national security exemption greatly exceeded congressional intent.

    “The statutory exemption Congress wrote into Title 5 was deliberately narrow, reserved for agencies like the Central Intelligence Agency whose missions are uniquely incompatible with bargaining,” he wrote. “Applying it broadly across the entire Department of Defense departs significantly from that design and longstanding precedent. It is telling that President Trump never invoked [this exemption] during his first term.”

    Though Trump did not cite that authority in his first term, he sought to delegate it to then-Defense Secretary Mark Esper in 2020. Esper ultimately declined to use that power.

    Horowitz noted that a group of 16 House Republicans urged members of the bicameral conference committee to keep Norcross’ amendment in the NDAA last year, arguing that the edict “jeopardizes” rather than strengthens national security. And the Pentagon already has safeguards to ensure collective bargaining activity does not interfere with national security concerns.

    “Restoring collective bargaining is not about expanding rights or constraining management,” he wrote. “Existing agreements already contain robust management rights provisions, emergency authorities, and national security exemptions that allow commanders and program managers to act when mission requirements demand. What collective bargaining provides is a structured channel for identifying and resolving workforce problems before they become operational ones, including improving safety, retention, productivity and accountability.”

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶