1010.cx – Page 58 – cybersecurity / defense / intelligence

JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware

·

cyber security, Cyber Security News, LinkedIn, Malware

A newly identified threat actor tracked as JINX-0164 is targeting cryptocurrency organizations through sophisticated LinkedIn-based social engineering campaigns. The financially motivated group has been active since at least mid-2025. It is leveraging custom macOS malware, credential theft, and CI/CD pipeline abuse to infiltrate development environments and steal sensitive assets. These profiles appeared highly credible, often […]

The post JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations

·

ChatGPT, cyber security, Cyber Security News, Google

Threat actors are increasingly turning to generative AI tools such as ChatGPT and Google Gemini to accelerate cyberattack operations, lowering technical barriers and reshaping modern threat landscapes. A recent report by WithSecure highlights a Russia-linked threat group, tracked as GREYVIBE, that has systematically integrated large language models (LLMs) into its campaigns targeting Ukraine and related […]

The post GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

·

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone, with the activities aligning with Kremlin state interests, specifically when it comes to

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Malicious NuGet Package Disguised as Sicoob SDK Exfiltrates Banking Passwords

·

cyber security, Cyber Security News, Password Attacks

A newly discovered malicious NuGet package disguised as a legitimate Sicoob software development kit (SDK) has been caught exfiltrating sensitive banking credentials, highlighting a dangerous evolution in software supply chain attacks. Security researchers from Socket revealed that the package, published under the name “Sicoob.Sdk,” impersonates official developer tooling used for integrating with Brazil’s Sicoob banking […]

The post Malicious NuGet Package Disguised as Sicoob SDK Exfiltrates Banking Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Trusted Dev Tools Abused to Steal Code and Secrets

·

cyber security, Cyber Security News

Attackers are increasingly weaponizing trusted developer tools to infiltrate software supply chains, with CISA warning of multiple ongoing campaigns targeting CI/CD ecosystems and developer workflows. Recent incidents, including a compromised Visual Studio Code extension and a large-scale operation dubbed “Megalodon,” highlight how adversaries are exploiting the very tools designed to accelerate modern software development. One […]

The post Trusted Dev Tools Abused to Steal Code and Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

·

Shadow AI used to mean employees pasting things they shouldn’t into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in the loop. The artifact moved from a prompt to a product. The risk surface moved with it. In The Shadow Builders report (get it here), a

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Typosquatted npm Packages Steal Cloud and CI/CD Secrets

·

cyber security, Cyber Security News

A coordinated npm supply chain attack has been uncovered targeting developers working with OpenSearch, ElasticSearch, and DevOps tooling, with attackers actively stealing cloud credentials and CI/CD secrets from infected systems. The malicious packages imitate legitimate libraries by using lookalike names such as opensearch-setup and elastic-opensearch-helper, while falsely linking to the official OpenSearch GitHub repository in […]

The post Typosquatted npm Packages Steal Cloud and CI/CD Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
The Deliverability Problem: How New Platforms Are Solving Inbox Placement

·

Security

Email still reaches more people than any other digital channel. Getting it to actually land in the inbox…

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

GitLab has released patch versions 19.0.1, 18.11.4, and 18.10.7 to fix seven security issues affecting GitLab CE and EE, including Duo AI workflow runner access control, a Wiki denial-of-service flaw, and several authorization bugs across GraphQL, Duo Workflows, Operations, Pipelines, and authentication endpoints. The company says self-managed installations should upgrade immediately. At the same time, […]

The post GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

·

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and PFX certificates. According to Socket, versions 2.0.0 through 2.0.4 of “Sicoob.Sdk” contain functionality to exfiltrate sensitive information, including PFX certificates that are used to

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶