1010.cx – Page 73 – cybersecurity / defense / intelligence

New OAuth Attack Lets Hackers Bypass Microsoft Entra Authentication and Steal Keys

·

cyber security, Cyber Security News, Microsoft

In a year-end tradition that has become all too familiar for cybersecurity defenders, researchers have uncovered a novel attack vector targeting Microsoft Entra ID that weaponizes legitimate OAuth 2.0 authentication flows to harvest privileged access tokens. The technique, dubbed “ConsentFix” by PushSecurity, represents an evolution of the ClickFix social engineering paradigm, enabling threat actors to […]

The post New OAuth Attack Lets Hackers Bypass Microsoft Entra Authentication and Steal Keys appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New DocuSign-Themed Phishing Scam Delivers Stealth Malware to Windows Devices

·

cyber security, Cyber Security News, Phishing, Windows

New research has uncovered a sophisticated phishing campaign that abuses DocuSign’s brand to deliver Vidar malware and infect Windows systems. The operation uses a realistic phishing site, a fake signed installer, access-code checks, and timebased execution barriers to evade both users and automated analysis. DocuSign-themed phishing setup The attack starts with a targeted phishing email that pretends to come from DocuSign and urges […]

The post New DocuSign-Themed Phishing Scam Delivers Stealth Malware to Windows Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Trump Signals Possible Cyber Involvement in Caracas Power Loss During Maduro Extraction

·

Cyber Attack, cyber security, Cyber Security News

President Donald Trump has strongly hinted that the United States used offensive cyber capabilities to help plunge Caracas into darkness during the operation to capture Venezuelan leader Nicolás Maduro an unusually public nod to U.S. cyber power. The blackout, which coincided with pre-dawn military strikes on January 3, appears to have been part of a broader effort to […]

The post Trump Signals Possible Cyber Involvement in Caracas Power Loss During Maduro Extraction appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Cisco ISE Vulnerability Enables Access to Sensitive Data

·

Cisco, cyber security, Cyber Security News

Cisco has disclosed a new XML External Entity (XXE) vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow authenticated attackers with administrative access to read sensitive data from the underlying operating system. The vulnerability is tracked as CVE-2026-20029 and is rated CVSS 4.9 (medium severity), but its […]

The post Cisco ISE Vulnerability Enables Access to Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
ChatGPT Health: A New Secure Space for Trusted Health and Medical Conversations

·

ChatGPT, cyber security, Cyber Security News

ChatGPT Health is launching as a dedicated health-focused version of ChatGPT that combines personalized health data with stronger privacy and security controls to support not replace conversations with clinicians. The new experience isolates health chats, encrypts data with additional protections, and allows users to securely connect medical records and wellness apps so responses are more adapt to their real health history. What ChatGPT […]

The post ChatGPT Health: A New Secure Space for Trusted Health and Medical Conversations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

·

The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave hits. Honeypot Traps Hackers Hackers Fall for

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Cisco Snort 3 Vulnerability Leading to Sensitive Data Disclosure

·

Cisco, cyber security, Cyber Security News, vulnerability

Cisco has disclosed two critical vulnerabilities in the Snort 3 detection engine affecting multiple enterprise security products, including firewalls, threat defense systems, and edge platforms. The vulnerabilities, tracked as CVE-2026-20026 and CVE-2026-20027 under advisory cisco-sa-snort3-dcerpc-vulns-J9HNF4tH, could allow unauthenticated remote attackers to leak sensitive information or cause denial-of-service conditions by disrupting packet inspection capabilities. The vulnerabilities […]

The post Cisco Snort 3 Vulnerability Leading to Sensitive Data Disclosure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
pcTattletale Founder Bryan Fleming Pleads Guilty in Federal Stalkerware Case

·

Bryan Fleming, Cyber Crime, cybersecurity, Malware, Michigan, pcTattletale, Privacy, StealthGenie

Bryan Fleming, founder of pcTattletale, pleads guilty in a landmark federal spying case. Read how an undercover HSI sting and a data breach ended a decade of illegal stalkerware sales.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
UK Government Launches Cyber Action Plan to Bolster Public Sector Security

·

cyber security, Cyber Security News

The UK government has unveiled an ambitious £210 million cyber security initiative designed to fortify digital defenses across public sector departments and restore confidence in online government services. The centerpiece of the initiative is the newly formed Government Cyber Unit, which will coordinate risk management and incident response operations across all government departments. This centralized […]

The post UK Government Launches Cyber Action Plan to Bolster Public Sector Security appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
React2Shell Vulnerability Hit by 8.1 Million Attack Attempts

·

cyber security, Cyber Security News, vulnerability

The React Server Components (RSC) “Flight” protocol remote code execution vulnerability, tracked as CVE-2025-55182 and publicly referred to as “React2Shell,” has become the target of a massive exploitation campaign that shows no signs of slowing. Since the vulnerability’s initial disclosure, threat intelligence firm GreyNoise has recorded over 8.1 million attack sessions, with daily attack volumes […]

The post React2Shell Vulnerability Hit by 8.1 Million Attack Attempts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶