1010.cx – Page 78 – cybersecurity / defense / intelligence

Threat Actors Exploit Google Cloud Services to Steal Microsoft 365 Credentials

·

cyber security, Cyber Security News, Microsoft

A sophisticated phishing campaign is exploiting Google Cloud infrastructure to bypass email security filters and steal Microsoft 365 credentials, demonstrating how attackers increasingly abuse trusted cloud platforms to lend legitimacy to their malicious activities. Cybersecurity researchers at Check Point have uncovered a large-scale operation targeting approximately 3,200 organizations, resulting in over 9,300 phishing emails over […]

The post Threat Actors Exploit Google Cloud Services to Steal Microsoft 365 Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
The Future of Cybersecurity Includes Non-Human Employees

·

Non-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential growth in Non-Human Identities (NHIs), including bots, AI agents, service accounts and automation scripts. In fact, 51% of respondents in ConductorOne’s 2025 Future of Identity Security Report

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
ToddyCat Malware Exploits ProxyLogon to Compromise Microsoft Exchange Servers

·

cyber security, Cyber Security News, Malware

ToddyCat, a sophisticated cyber-espionage threat group also known as Websiic and Storm-0247, has emerged as a significant risk to organizations across Europe and Asia. The group’s operations, which began in December 2020 by targeting Microsoft Exchange servers in Taiwan and Vietnam, have since evolved into complex, multi-stage campaigns that leverage advanced evasion techniques and specialized […]

The post ToddyCat Malware Exploits ProxyLogon to Compromise Microsoft Exchange Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

·

Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a “critical” issue that could result in remote code execution (RCE). The vulnerability, tracked as CVE-2025-59470, carries a CVSS score of 9.0. “This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as the postgres user by sending a malicious

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
LockBit 5.0 Unveils Advanced Encryption and Enhanced Anti-Analysis Techniques

·

cyber security, Cyber Security News, Ransomware

LockBit has solidified its position as the most prolific ransomware-as-a-service (RaaS) operation globally, accounting for approximately 21% of all documented ransomware attacks in 2023, following its dominance of 30.25% during the 2021-2022 period. The emergence of LockBit 5.0 represents a significant escalation in technical sophistication, introducing enhanced encryption methodologies and anti-analysis mechanisms that fundamentally complicate […]

The post LockBit 5.0 Unveils Advanced Encryption and Enhanced Anti-Analysis Techniques appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

·

Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent internally. “Threat actors have leveraged this vector to deliver a wide variety of phishing messages related to various phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA,” the

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Chinese Hackers Launch Ongoing Attacks on Taiwan’s Critical Infrastructure

·

cyber security, Cyber Security News

China’s state-sponsored cyber operations against Taiwan have intensified dramatically, with threat actors launching an average of 2.63 million intrusion attempts daily targeting critical infrastructure across nine primary sectors, according to a newly released report from Taiwan’s National Security Bureau (NSB). The NSB report documents a concerning pattern of synchronized cyber warfare operations that correlate directly […]

The post Chinese Hackers Launch Ongoing Attacks on Taiwan’s Critical Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Veeam Backup Vulnerability Exposes Systems to Root-Level Remote Code Execution

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Veeam has released a critical security update for its Backup & Replication software to address multiple high-severity vulnerabilities. The most concerning of these flaws could allow attackers to execute remote code with root-level privileges, potentially granting them full control over affected systems. These vulnerabilities specifically affect Veeam Backup & Replication version 13.0.1.180 and all earlier version 13 builds. Veeam […]

The post Veeam Backup Vulnerability Exposes Systems to Root-Level Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Black Cat Hacker Group Uses Fake Notepad++ Websites to Distribute Malware and Steal Data

·

cyber security, Cyber Security News

A sophisticated cyberattack campaign orchestrated by the notorious “Black Cat” criminal gang has been uncovered by CNCERT and Microstep Online, revealing a coordinated effort to compromise internet users through weaponized fake Notepad++ download websites. The operation exploits search engine optimization techniques to deceive unsuspecting users into installing malware-laden software packages that deploy backdoor trojans designed […]

The post Black Cat Hacker Group Uses Fake Notepad++ Websites to Distribute Malware and Steal Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Google Warns of High-Risk WebView Vulnerability That Breaks Security Controls

·

CVE/vulnerability, cyber security, Cyber Security News, Google, vulnerability

Google released Chrome versions 143.0.7499.192/.193 on January 6, 2026, to patch a high-severity vulnerability in WebView that could allow attackers to bypass important security policies. The flaw, tracked as CVE-2026-0628, represents a significant threat to users whose browsers rely on WebView’s policy enforcement framework to block malicious content. Attribute Details CVE ID CVE-2026-0628 Severity High […]

The post Google Warns of High-Risk WebView Vulnerability That Breaks Security Controls appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶