1010.cx – Page 8 – cybersecurity / defense / intelligence

UIDAI Introduces Bug Bounty Program to Strengthen Aadhaar Defenses

·

Bug Bounty, cyber security, Cyber Security News

The Unique Identification Authority of India (UIDAI) has officially launched its first structured bug bounty program to fortify the Aadhaar system. As the foundation of a massive national identity database, securing Aadhaar requires continuous innovation and rigorous testing. This new initiative invites top cybersecurity experts to proactively identify and responsibly disclose potential vulnerabilities within UIDAI’s […]

The post UIDAI Introduces Bug Bounty Program to Strengthen Aadhaar Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New .NET AOT Malware Hides Code as a Black Box to Evade Detection

·

.NET, AOT, Black Box, cybersecurity, Malware, Rhadamanthys, Security

Researchers at Howler Cell have discovered a new .NET AOT malware campaign that uses a clever scoring system…

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks

·

Apple, cyber security, Cyber Security News, vulnerability

Apple has released emergency security updates to address a critical WebKit vulnerability that currently exposes iPhone, iPad, and Mac users to sophisticated content-based bypass attacks. Delivered seamlessly via the Background Security Improvements mechanism on March 17, 2026, this targeted patch secures Apple devices against potential Same Origin Policy violations without requiring a full operating system […]

The post Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Claude Code Security and Magecart: Getting the Threat Model Right

·

When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo. As teams adopt Claude Code Security for static analysis, this is the exact technical boundary where AI code scanning stops and client-side runtime execution begins. A detailed analysis of where Claude

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

·

Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can grant attackers extensive control over compromised hosts. The nine vulnerabilities, discovered by Eclypsium, span four different products from GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. The most severe of them allow

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader

·

cyber security, Cyber Security News, Ransomware

LeakNet is scaling its ransomware operation by pairing mass-market ClickFix lures with a stealthy Deno-based loader that executes almost entirely in memory, shrinking the window for defenders to intervene. Ransomware operator LeakNet is currently averaging around three victims per month. However, recent activity shows the group investing in its own delivery and execution infrastructure to grow that […]

The post LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
ForceMemo Hijacks GitHub Accounts, Backdoors Python Repos

·

cyber security, Cyber Security News, GitHub

ForceMemo is an active software supply‑chain campaign hijacking GitHub accounts and silently backdooring Python repositories via force‑pushed commits that look legitimate in the web UI. It builds on GlassWorm’s stolen‑token ecosystem and uses the Solana blockchain as a resilient command‑and‑control (C2) channel, making detection and takedown significantly harder. The attacker targets a wide range of […]

The post ForceMemo Hijacks GitHub Accounts, Backdoors Python Repos appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Critical Telnetd Vulnerability Enables Remote Code Execution Attacks

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

A critical buffer overflow vulnerability has been discovered in the GNU InetUtils telnetd daemon. Tracked as CVE-2026-32746, the flaw carries a maximum CVSS 3.1 score of 9.8 and allows unauthenticated attackers to execute arbitrary code with root privileges. There is no confirmed active exploitation, and the severity of the flaw demands immediate attention from network […]

The post Critical Telnetd Vulnerability Enables Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenAI Introduces GPT-5.4 Mini and Nano for Faster, Lightweight AI Performance

·

cyber security, Cyber Security News, OpenAI

OpenAI has officially launched GPT-5.4 mini and GPT-5.4 nano, introducing high-efficiency models optimized for automated workflows, coding subagents, and latency-sensitive deployments. These models are designed to reduce application programming interface (API) overhead while maintaining complex reasoning capabilities, making them highly relevant for professionals scaling automated data extraction or telemetry analysis pipelines. Architecture and Capability Enhancements […]

The post OpenAI Introduces GPT-5.4 Mini and Nano for Faster, Lightweight AI Performance appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

·

Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understand context: Q: Which exposures, misconfigurations, and vulnerabilities chain together to create viable attack paths to crown jewels? Even the most mature security teams can’t answer that

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶