1010.cx

  • PDFSIDER Malware Actively Exploited to Evade Antivirus and EDR Defenses

    cyber security, Cyber Security News, Malware

    Security researchers have identified a sophisticated backdoor malware variant, PDFSIDER, that leverages DLL side-loading to evade endpoint detection and response (EDR) systems. The threat demonstrates advanced persistent threat (APT) tradecraft, combining evasion mechanisms with encrypted command-and-control capabilities to maintain covert access on compromised systems. PDFSIDER’s infection chain originates through spear-phishing campaigns delivering ZIP archives containing […]

    The post PDFSIDER Malware Actively Exploited to Evade Antivirus and EDR Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Mandiant Publishes Rainbow Tables That Crack NTLMv1 Admin Passwords

    cyber security, Cyber Security News, Google

    Mandiant has publicly released comprehensive rainbow tables designed to crack Net-NTLMv1 authentication hashes, addressing a critical security gap that has persisted for over two decades, despite the protocol being deprecated and widely recognized as fundamentally insecure. The decision to release these tables underscores the urgency of migrating away from this outdated authentication mechanism, which remains prevalent in active environments […]

    The post Mandiant Publishes Rainbow Tables That Crack NTLMv1 Admin Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Argus: Python-Based Recon Toolkit Aims to Boost Security Intelligence

    cyber security, Cyber Security News, Python, Security Tools, Tools

    Security researchers and penetration testers gain a comprehensive open-source reconnaissance platform with the release of Argus v2.0, a Python-based information gathering toolkit that consolidates 135 specialised modules into a unified command-line interface. The toolkit addresses the growing complexity of modern attack surface management by providing integrated access to network mapping, web application analysis, and threat […]

    The post Argus: Python-Based Recon Toolkit Aims to Boost Security Intelligence appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

    Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. “By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – in a twist that will

  • New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation

    CVE/vulnerability, cyber security, Cyber Security News, vulnerability

    A security researcher has disclosed a critical vulnerability in ServiceNow’s Virtual Agent API and Now Assist AI Agents application, tracked as CVE-2025-12420. Dubbed “BodySnatcher,” this flaw enables unauthenticated attackers to impersonate any ServiceNow user using only their email address, bypassing multi-factor authentication and single sign-on controls to execute privileged AI workflows and create backdoor administrator accounts. […]

    The post New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Researchers Hijack Hacker Domain Using Name Server Delegation

    cyber security, Cyber Security News

    Security researchers from Infoblox have successfully intercepted millions of malicious push notification advertisements by exploiting a DNS misconfiguration technique known as “lame nameserver delegation,” gaining complete visibility into a large-scale affiliate advertising operation without directly compromising any systems. The researchers claimed to have identified abandoned domains used by threat actors, receiving copies of over 57 […]

    The post Researchers Hijack Hacker Domain Using Name Server Delegation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Threat Actors Abuse Browser Extensions to Deliver Fake Warning Messages

    Browser, cyber security, Cyber Security News

    Threat intelligence researchers at Huntress have uncovered a sophisticated browser extension campaign orchestrated by the KongTuke threat actor group, featuring a malicious ad blocker impersonating the legitimate uBlock Origin Lite extension. The campaign weaponizes fake browser crash warnings to trick users into executing malicious PowerShell commands, ultimately delivering ModeloRAT, a previously undocumented Python-based remote access […]

    The post Threat Actors Abuse Browser Extensions to Deliver Fake Warning Messages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop

    cyber security, Cyber Security News, vulnerability, Windows

    Microsoft’s January 2026 security update has disrupted enterprise Remote Desktop infrastructure, triggering widespread credential prompt failures that prevent users from accessing Azure Virtual Desktop and Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions 24H2 and 25H2 running builds 26100.7623 and 26200.7623. The issue manifests as immediate sign-in failures when […]

    The post Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • New Kerberos Relay Technique Exploits DNS CNAMEs to Bypass Existing Defenses

    CVE/vulnerability, cyber security, Cyber Security News, DNS, vulnerability

    A critical vulnerability in Windows Kerberos authentication enables attackers to conduct credential-relay attacks by exploiting DNS CNAME records. Tracked as CVE-2026-20929, this flaw allows threat actors to force victims into requesting Kerberos service tickets for attacker-controlled systems, facilitating lateral movement and privilege escalation even when NTLM authentication is entirely disabled. CVE ID Vulnerability Name […]

    The post New Kerberos Relay Technique Exploits DNS CNAMEs to Bypass Existing Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • GhostPoster Malware Targets Chrome Users via 17 Rogue Extensions

    cyber security, Cyber Security News, Malware

    A sophisticated malware campaign has compromised users of Chrome, Firefox, and Edge by deploying 17 malicious extensions that employ advanced steganography techniques to evade detection. Collectively downloaded more than 840,000 times, the GhostPoster operation represents one of the most technically mature and persistent browser extension threats documented to date. The GhostPoster campaign leverages an uncommon […]

    The post GhostPoster Malware Targets Chrome Users via 17 Rogue Extensions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
