1010.cx – Page 43 – cybersecurity / defense / intelligence

Cybercriminals Impersonate Malwarebytes to Steal User Credentials

·

cyber security, Cyber Security News, Malware

As part of an ongoing effort to highlight active and technically interesting intrusions, a new “Flash Hunting Findings” investigation has uncovered a short but well‑structured malware campaign impersonating MalwareBytes to deliver infostealers and steal user logins and crypto‑wallet data. The activity was observed between January 11 and January 15, 2026, and is characterized by consistent […]

The post Cybercriminals Impersonate Malwarebytes to Steal User Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
DevOps & SaaS Downtime: The High (and Hidden) Costs for Cloud-First Businesses

·

Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not immune to attacks and SaaS downtime, hiding behind the Shared Responsibility

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Attackers Abuse WSL2 to Operate Undetected on Windows Systems

·

cyber security, Cyber Security News, Windows

Windows Subsystem for Linux (WSL) has transformed the developer experience on Windows. However, it has also quietly created a powerful hiding place for attackers. With WSL2, Microsoft moved from lightweight translation to a whole virtual machine (VM) model. That architectural change gives adversaries a semi-isolated Linux environment running inside Hyper‑V that is rarely monitored by […]

The post Attackers Abuse WSL2 to Operate Undetected on Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

·

A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp, can allow bad actors with privileged control over a host server to run malicious code within confidential virtual machines (CVMs), undermining the integrity guarantees provided by AMD

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware

·

Acronis, China, Cyber Attack, Cyber-Attacks, cybersecurity, HoneyMyte, Malware, Mustang Panda, Phishing, Security, USA, Venezuela

Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Attackers Rerouted Employee Pay Without Breaching IT Systems

·

cyber security, Cyber Security News, IT

An unnamed organization recently discovered that several employees’ paychecks had silently vanished not because of a ransomware attack, data-wiping malware, or a cloud breach, but because an attacker convinced people to do exactly what they wanted. Instead of hacking through firewalls or exploiting zero-days, the threat actor went after the weakest link: operational processes and […]

The post Attackers Rerouted Employee Pay Without Breaching IT Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Spear-Phishing Campaign Leverages Google Ads to Distribute EndRAT Malware

·

cyber security, Cyber Security News, Malware

Genians Security Center has published an in-depth analysis of Operation Poseidon, a sophisticated APT campaign attributed to the Konni threat group that exploits legitimate advertising infrastructure to distribute EndRAT malware. This advanced spear-phishing operation demonstrates how threat actors leverage trusted platforms to circumvent traditional security defenses while targeting South Korean financial institutions and human rights […]

The post Spear-Phishing Campaign Leverages Google Ads to Distribute EndRAT Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Redmi Buds Vulnerability Could Allow Call Data Theft and Firmware Instability

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Xiaomi’s Redmi Buds series faces critical security flaws that enable attackers to steal sensitive call data and crash devices without authentication. Two newly disclosed vulnerabilities affect Redmi Buds 3 Pro through 6 Pro, allowing unauthenticated adversaries within Bluetooth range to access private phone numbers and trigger repeated denial of service conditions. The vulnerabilities stem from […]

The post Redmi Buds Vulnerability Could Allow Call Data Theft and Firmware Instability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

·

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix has

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Five Chrome Extensions Used to Hijack Enterprise HR and ERP Systems

·

Chrome, cyber security, Cyber Security News

Socket’s Threat Research Team has uncovered a coordinated Chrome extension campaign targeting enterprise HR and ERP platforms, including Workday, NetSuite, and SAP SuccessFactors. Five malicious extensions, collectively installed over 2,300 times, work together to steal session tokens, block security controls, and enable complete account takeover through session hijacking. Four of the extensions are published under […]

The post Five Chrome Extensions Used to Hijack Enterprise HR and ERP Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶