1010.cx – Page 92 – cybersecurity / defense / intelligence

Firefox v147.0.3 Released with Critical Fix for Heap Buffer Overflow Vulnerability

·

Buffer over flow, CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Mozilla has released an emergency security update for Firefox, addressing a critical heap buffer overflow vulnerability in the libvpx library. The update, version 147.0.4, was announced on February 16, 2026, alongside corresponding patches for Firefox ESR 140.7.1 and ESR 115.32.1. The vulnerability, tracked as CVE-2026-2447, was discovered by security researcher jayjayjazz and affects the libvpx […]

The post Firefox v147.0.3 Released with Critical Fix for Heap Buffer Overflow Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Teams Leverages AI Workflows with Microsoft 365 Copilot for Task Automation

·

cyber security, Cyber Security News

Microsoft is rolling out AI Workflows in the Teams Workflows app, bringing intelligent automation capabilities powered by Microsoft 365 Copilot to help users streamline daily operations and automate complex tasks. The feature uses scheduled Copilot prompts through predefined templates, making setup easier for users looking to enhance productivity through automation. Availability and Rollout Timeline AI […]

The post Microsoft Teams Leverages AI Workflows with Microsoft 365 Copilot for Task Automation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat

·

cyber security, Cyber Security News, GitHub, Malware

Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading README content, and obscure asset paths to trick users into downloading a trojanized archive named Software_3.1.zip. The malicious actor […]

The post Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Apache NiFi Vulnerabilities Expose Systems to Authorization Bypass Attacks

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

Apache NiFi users are being urged to upgrade after the project disclosed a high-severity authorization flaw tracked as CVE-2026-25903. The issue, published on 2026-02-16, can allow a less-privileged authenticated user to modify configuration properties on certain “restricted” extension components that were previously added to a flow by a more privileged user, potentially weakening security controls […]

The post Apache NiFi Vulnerabilities Expose Systems to Authorization Bypass Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Realmo Launches Location Intelligence Engine to Match Vacant Properties with Their Best Use

·

Press Release

Boston, Massachusetts, 17th February 2026, CyberNewswire

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft

·

Chrome, cyber security, Cyber Security News, FACEBOOK

A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to “remove verification popups” and “generate 2FA codes,” its actual function is to exfiltrate Two-Factor Authentication (2FA) seeds, one-time codes, and detailed business […]

The post Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
QR Codes Exploited for Phishing Attacks and Malware Spread on Mobile Devices

·

cyber security, Cyber Security News, Malware, Phishing

QR code abuse has become a significant mobile threat vector, with attackers using it to deliver phishing pages, trigger in‑app account takeovers, and distribute malicious applications outside official app stores. Because people routinely scan QR codes for payments, menus and app downloads, these attacks often bypass enterprise protections by shifting the interaction onto less‑protected personal […]

The post QR Codes Exploited for Phishing Attacks and Malware Spread on Mobile Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta

·

Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption (E2EE) in Rich Communications Services (RCS) messages. The feature is currently available for testing in iOS and iPadOS 26.4 Beta, and is expected to be shipped to customers in a future update for iOS, iPadOS, macOS, and watchOS. “End-to-end encryption is in beta and is not available for all

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
0APT Ransomware Group Claims 200 Victims, Fails to Provide Proof

·

cyber security, Cyber Security News, Ransomware

A new ransomware-as-a-service (RaaS) outfit calling itself 0APT has quickly drawn attention for all the wrong reasons, after loudly claiming to have compromised around 200 victims while failing to provide any verifiable proof of compromise. Emerging on or around January 28, 2026, the group launched a dark web data leak site (DLS) and rapidly populated it with […]

The post 0APT Ransomware Group Claims 200 Victims, Fails to Provide Proof appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Langchain Community SSRF Bypass Vulnerability Exposes Internal Services to Unauthorized Access

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

The Langchain development team has released a critical security update for the @langchain/community package to address a Server-Side Request Forgery (SSRF) vulnerability. Identified as CVE-2026-26019, this flaw exists within the RecursiveUrlLoader class, a utility used for web crawling. If left unpatched, the vulnerability allows attackers to bypass domain restrictions and force the application to access internal network resources or […]

The post Langchain Community SSRF Bypass Vulnerability Exposes Internal Services to Unauthorized Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶