• KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in […]

    The post Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • HackerOne, a leading vulnerability coordination platform, has confirmed that its Salesforce environment was compromised in a recent third-party data breach. The incident stemmed from an attack on the Drift application provided by Salesloft, which allowed unauthorized actors to gain entry to records stored in Salesforce. While no customer vulnerability data appears to have been exposed, […]

    The post HackerOne Data Breach, Hackers Illegally Access Salesforce Environment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Microsoft has disclosed two serious security vulnerabilities in its Office suite that allow attackers to execute arbitrary code on affected systems. Both flaws were publicly released on September 9, 2025, and have been assigned CVE identifiers CVE-2025-54910 and CVE-2025-54906. These critical issues affect Microsoft Office on Windows and can be exploited by attackers to gain […]

    The post Critical Flaws in Microsoft Office Enable Remote Code Execution by Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement (MIE) that’s built into its newly introduced iPhone models, including iPhone 17 and iPhone Air. MIE, per the tech giant, offers “always-on memory safety protection” across critical attack surfaces such as the kernel and over 70 userland processes without sacrificing device performance by designing its A19 and


  • Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293.

    This flaw could permit an attacker who has already gained initial access to a system to escalate their privileges, potentially gaining complete control over the affected domain controller and undermining the security of the network infrastructure.

    The vulnerability is categorized as an “Elevation of Privilege” issue stemming from an improper access control weakness, formally identified as CWE-284.

    According to Microsoft’s advisory, an attacker who successfully exploits this flaw could elevate their privileges to the SYSTEM level.

    SYSTEM is the highest level of access on a Windows system, allowing an attacker to perform any action without restriction.

    This includes installing malicious software, modifying or deleting critical data, and creating new administrative accounts, which could be used to establish persistence within the network.

    The vulnerability was initially reported on January 14, 2025, with Microsoft providing an update on September 9, 2025, to offer further clarity.

    Exploit Conditions And Assessment

    Microsoft has assessed the exploitability of this vulnerability as “Exploitation Less Likely.” A key factor in this assessment is the attack vector, which requires an attacker to first log on to the target system.

    This means the flaw cannot be exploited remotely by an unauthenticated user. The adversary must possess valid credentials, which could be obtained through tactics like phishing, credential stuffing, or exploiting a separate vulnerability.

    Once authenticated, the attacker would need to run a specially crafted application to trigger the flaw and escalate their privileges.

    At the time of the latest update, the vulnerability had not been publicly disclosed, and there were no reports of it being actively exploited in the wild.

    Despite the prerequisite of prior access, the severity of the potential impact makes patching a critical priority for IT administrators.

    An attacker with SYSTEM-level control on a domain controller can compromise the entire Active Directory forest, putting all domain-joined resources at risk.

    Organizations are strongly advised to apply the security updates released by Microsoft to protect their domain controllers from this threat.

    This incident serves as a reminder that a defense-in-depth security strategy, which includes regular patching, network segmentation, and monitoring for anomalous user activity, is essential to defend against multi-stage attacks that leverage local privilege escalation vulnerabilities.

    The post Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges appeared first on Cyber Security News.


  • The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.–China trade talks. “These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business


  • Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance requirements. At the same time, clients want better protection without managing cybersecurity themselves. Service providers must balance these growing demands with the


  • In a twist of fate that underscores both the power and inherent transparency of endpoint detection and response (EDR) solutions. By investigating alerts generated through this deployment, the Huntress Security Operations Center (SOC) gained unprecedented insight into the adversary’s day-to-day workflows, tool usage, and evolving tradecraft. Huntress’s commitment to transparency and community education led to […]

    The post Threat Actor’s Self-Deployment of EDR Exposes Their Tools and Workflows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • The cybersecurity landscape has witnessed a novel phishing campaign that weaponizes Google’s no-code platform, AppSheet, to harvest user credentials. By abusing AppSheet’s trusted email infrastructure, attackers are bypassing traditional security controls and delivering malicious content from legitimate domains. This development underscores the urgent need for context-aware detection systems that analyze message intent, not just sender […]

    The post Hackers Impersonate Google AppSheet in Latest Phishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems.

    The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of the popular productivity suite.

    While Microsoft has assessed exploitation as “less likely” for both vulnerabilities at this time, their potential for remote code execution warrants immediate attention from users and administrators.

    The vulnerabilities differ in their exploitation methods and severity, with one being rated as Critical and the other as Important.

    Critical Microsoft Office Vulnerabilities

    The more severe of the two flaws, CVE-2025-54910, is a Critical-rated heap-based buffer overflow vulnerability.

    This type of weakness, cataloged as CWE-122, can allow an unauthorized attacker to execute arbitrary code locally on a target machine. A particularly dangerous aspect of this vulnerability is that the Preview Pane in Microsoft Office serves as an attack vector.

    This means that an attacker could potentially trigger the exploit without any interaction from the user beyond them simply receiving and viewing a malicious file in an Explorer window.

    Although the attack is executed locally, the term “remote” in the vulnerability’s title refers to the attacker’s location, highlighting that they do not need prior access to the victim’s machine.

    The second vulnerability, CVE-2025-54906, is rated as Important and stems from a Use-After-Free condition, tracked as CWE-416.

    This flaw also permits remote code execution, but its exploitation vector differs significantly from the heap-based overflow. To exploit this vulnerability, an attacker must craft a malicious file and socially engineer the user into opening it.

    Unlike the other flaw, the Preview Pane is not an attack vector for CVE-2025-54906, meaning the user must actively engage with the malicious content.

    This requirement for user interaction is a key reason for its lower severity rating compared to the Preview Pane vulnerability.

    Mitigations

    Microsoft has released security updates to address these vulnerabilities for most affected software. The company advises customers to apply all updates offered for the software installed on their systems to ensure comprehensive protection.

    It should be noted that security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available but will be released shortly.

    Microsoft will notify customers through a revision to the CVE information once these updates are ready. Given the serious nature of remote code execution flaws, users are strongly encouraged to install the patches as soon as possible to mitigate the risk of potential exploitation.

    The post Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.
