1010.cx – Page 66 – cybersecurity / defense / intelligence

Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations

·

cyber security, Cyber Security News, Data Breach

European fitness operator Basic-Fit has confirmed a significant data breach affecting approximately one million members across its network. The incident heavily impacted users in the Netherlands, which accounted for 200,000 of the compromised accounts. This breach underscores the persistent targeting of consumer lifestyle platforms by threat actors seeking massive datasets. The cyber incident targeted the […]

The post Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical security vulnerability has been discovered in Axios, one of the most widely used HTTP client libraries, exposing applications to Remote Code Execution (RCE) and full cloud infrastructure compromise. Tracked as CVE-2026-40175, this flaw carries a critical CVSS 3.1 score of 9.9 and allows attackers to bypass AWS IMDSv2 security controls to exfiltrate sensitive […]

The post Critical Axios Vulnerability Enables Remote Code Execution, PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand

·

Bangkok, CaaS, Cyber Crime, cybersecurity, DDOS, Fluxstress, Germany, Malware, Noah Christopher, Ransomware, Security, Thailand

Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain

·

cyber security, Cyber Security News, Python

Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi‑stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto‑loads at interpreter startup and can silently run code without command‑line input. This script used ctypes to […]

The post VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

·

The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used two Facebook

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo […]

The post Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
APT37 Uses Facebook, Telegram, and Trojanzied Installer in New Targeted Cyberattack

·

cyber security, Cyber Security News, FACEBOOK, Telegram

APT37 is running a new targeted intrusion campaign that abuses Facebook, Telegram, and a tampered Wondershare PDFelement installer to gain stealthy access and exfiltrate sensitive data, likely from defense‑related targets. The operation shows a continued evolution of APT37’s social engineering and evasion tradecraft, and demands behavior‑based EDR capable of spotting process injection, abused cloud storage, […]

The post APT37 Uses Facebook, Telegram, and Trojanzied Installer in New Targeted Cyberattack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Apache Tomcat Flaws Enable EncryptInterceptor Bypass

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

The Apache Software Foundation has released critical security updates for Apache Tomcat to address three newly disclosed vulnerabilities. Because Apache Tomcat is a widely deployed open-source web server, these flaws pose a significant risk to many enterprise environments. The newly discovered vulnerabilities could allow attackers to compromise encrypted communications, exploit flawed patches, and bypass client […]

The post Apache Tomcat Flaws Enable EncryptInterceptor Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

·

OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a post last week. “We found

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
WordPress Plugin Vulnerability Enables Admin Takeover via Auth Bypass

·

cyber security, Cyber Security News, vulnerability, Wordpress

A newly disclosed vulnerability, tracked as CVE-2026-1492, has been identified in the User Registration & Membership plugin for WordPress, exposing websites to critical authentication bypass and privilege escalation risks. Affecting versions up to 5.1.2, the vulnerability allows remote attackers to gain full administrative access without valid credentials. The affected plugin, widely used to manage user registration and membership […]

The post WordPress Plugin Vulnerability Enables Admin Takeover via Auth Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶