-
Dutch police arrest the alleged AVCheck operator at Schiphol as part of Operation Endgame, a global effort targeting malware services and cybercrime.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post on social media. But what about the information about you that’s already out there—without your permission? Your name. Home address. Phone number. Past jobs. Family members. Old usernames. It’s all still online, and it’s a lot easier to find than you think. The hidden safety threat lurking online Most
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE. The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive (“US now deciding what’s next for Venezuela.zip”)
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Go development team has released Go versions 1.25.6 and 1.24.12, addressing six critical security vulnerabilities that could enable denial-of-service attacks, arbitrary code execution, and unauthorised session resumption. These minor point releases follow the Go security policy and represent significant hardening efforts across core cryptographic, networking, and toolchain components. The most impactful vulnerability stems from […]
The post Go 1.26 Released With Fixes for Multiple Vulnerabilities Causing Memory Exhaustion appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly reported supply chain attack targeting the Amazon Web Services (AWS) management console has raised alarms across the developer community. Cybersecurity researchers have discovered that threat actors are exploiting misconfigured AWS credentials and integrated GitHub actions to hijack repositories and inject malicious code into open-source projects. According to the security firm that uncovered the incident, attackers exploit compromised […]
The post AWS Console Supply Chain Breach Enables GitHub Repository Hijacking appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Google Project Zero have disclosed a complete zero-click exploit chain affecting Google Pixel 9 smartphones, chaining vulnerabilities in the Dolby audio decoder and kernel driver to achieve code execution and privilege escalation without any user interaction. The exploit leverages three distinct vulnerabilities: CVE-2025-54957 in the Dolby Unified Decoder, CVE-2025-36934 in a kernel […]
The post Zero-Click Exploit Chain Discovered Targeting Google Pixel 9 Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the same Azure tenant. The flaw, tracked as CVE-2026-20965, stems from improper validation of Proof-of-Possession (PoP) tokens […]
The post Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted by threat actors from the region.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month after the company disclosed that it had been exploited as a zero-day by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686. The vulnerability, tracked as CVE-2025-20393 (CVSS
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Another 340 companies and schools have been added to the Golden Dome missile defense contract vehicle, leaving only a small handful of the original 2,400-plus applicants out of the running for a pool of work worth up to $151 billion.
On Thursday, the Missile Defense Agency announced the third list of organizations deemed eligible to bid on the multiple-award indefinite-delivery/quantity contract, known as the Scalable Homeland Innovative Enterprise Layered Defense, or SHIELD. Several U.S. schools were among the 340 additions, including Northern Arizona University, New York University, and the University of Dayton in Ohio.
In December, MDA made two announcements that identified a total of 2,100 awardees. Now a total of 2,440 applicants have been approved, out of a original pool of 2,463, leaving 23 applicants out of the running. Thursday’s announcement said said the large group “encompasses a broad range of work areas that allows for the rapid delivery of innovative capabilities,” and added that work under the SHIELD contract “will continue through December 2035.”
A Missile Defense Agency spokesperson did not respond by publication time to requests for more details about those remaining offers.
The announcement came one day after President Donald Trump said U.S. control of Greenland was “vital” for the Golden Dome defense initiative, although experts were quick to point out that the existing Space Force base and longstanding diplomatic agreements counter his claim.
Golden Dome’s architecture—pitched by Trump and Defense Secretary Pete Hegseth as a catch-all missile defense system to counter ICBMs, hypersonic missiles, and drones of all sizes—has not been made public.
The administration says space-based interceptors are key to stopping long-range missiles. The Space Force has started awarding contracts to develop the needed technology. In November, the service awarded contracts to several companies under a competitive, and secret, other transaction agreement. In December, it sought proposals for a space-based “kinetic midcourse interceptor” prototype intended to ram enemy missiles.
In an executive order signed last month, Trump said the nation will achieve “space superiority” by “developing and demonstrating prototype next-generation missile defense technologies by 2028.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
