Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

When cyber attacks strike, it’s rarely a single computer that suffers. Nowadays, cybercriminals set their sights on corporate networks, aiming to infiltrate and compromise multiple systems. But how do these bad actors manage to breach large networks? It all starts…

Read more →

Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege Escalation and Arbitrary File Move/Delete. This vulnerability was assigned with CVE-2024-21111, and the severity was 7.8 (High).  However, Oracle has acted swiftly upon the report and…

Read more →

To combat the misuse of commercial spyware, the United States Department of State has announced visa restrictions on 13 individuals linked to developing and selling these invasive technologies. This decision underscores a broader initiative by the U.S. government to address…

Read more →

The Volkswagen Group has fallen victim to a sophisticated hacking incident, with over 19,000 sensitive documents stolen. Investigations point towards a possible involvement of Chinese hackers, raising concerns over international cyber espionage and the security of global automotive giants. The…

Read more →

A SIM Swap Scam or SIM Cloning Scam exploits a vulnerability in a two-factor authentication (2FA) system that relies on SMS messages for verification codes, where attackers aim to gain control of the victim’s mobile phone number by convincing the…

Read more →

Security researchers have identified a critical vulnerability in Apache HugeGraph, an open-source graph database tool. This flaw, if exploited, could allow attackers to execute arbitrary code remotely, posing a significant threat to systems using this software. The vulnerability has been…

Read more →

A significant vulnerability in the Perforce Akana Community Manager Developer Portal has been found, allowing attackers to conduct server-side request forgery (SSRF) attacks. Community Manager is an advanced solution designed to assist businesses in creating an API portal that will draw…

Read more →

The ongoing tension between privacy rights and public safety, Europol, along with European Police Chiefs, has issued a call for tech giants to provide lawful access to encrypted communications. This development comes as major social media platforms, including those owned…

Read more →

A significant vulnerability has been identified in Citrix’s monitoring tool, uberAgent. If exploited, this flaw could allow attackers to escalate their privileges within the system, posing a serious risk to organizations using affected software versions. CVE-2024-3902 – Privilege escalation vulnerability…

Read more →

APT29, a Russian threat group, targeted German political parties with a new backdoor called WINELOADER using spear-phishing emails containing malicious links to ZIP files hosted on compromised websites. The ZIP files deployed an HTA that initiated a multi-stage infection chain,…

Read more →

Hackers often target PyPI packages to exploit vulnerabilities and inject malicious code into widely used Python libraries. Recently, cybersecurity researchers at FortiGuard Labs identified a malicious PyPI package attacking Discord users to steal credentials. The malicious PyPI package that was…

Read more →

Anonymous claims a successful cyberattack against the Israeli Defence Force (IDF), gaining access to 20 gigabytes of data, which allegedly includes over 233,000 military documents in various formats, like PDFs, Word files, and presentations.  The IDF considers the authenticity of…

Read more →

A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges. Dubbed “MagicDot,” this vulnerability exploits the DOS-to-NT path conversion process within the Windows operating system. Here, we delve into the technical…

Read more →

A new exploit targeting VMware ESXi Shell Service has been discovered and is circulating on various hacking forums. This vulnerability poses a significant risk to organizations using VMware for their virtual environments, potentially allowing unauthorized access and control over virtual…

Read more →

A zero-day exploit targeting the popular messaging app WhatsApp has been advertised on underground hacker forums. The exploit has raised serious concerns regarding the safety of users on Android and iOS platforms. This exploit is reported to have the potential…

Read more →

CrushFTP is a file transfer server that supports secure protocols, offers easier configuration, and offers powerful monitoring tools. It also provides a web interface that allows users to transfer files using a web browser.  A critical vulnerability associated with FileSystem…

Read more →

Cybersecurity experts from SafeBreach have revealed a series of vulnerabilities that could allow attackers to remotely delete files on a computer using Windows Defender, potentially leading to data loss and system instability. Tomer Bar and Shmuel Cohen, seasoned security researchers…

Read more →

With the tightening grip of Chinese regulatory measures on foreign digital services, Apple Inc. has removed several major messaging apps, including WhatsApp and Threads by Meta Platforms, from its App Store in China. This decision follows direct orders from the…

Read more →

The notorious cybercrime group previously known as Hellokity has reemerged under a new alias, “HelloGookie.” This development was reported by the cybersecurity watchdog MonThreat via their Twitter account. Hellokity, known for its high-profile cyber-attacks, has been a significant player in…

Read more →

The Akira ransomware variant has severely impacted more than 250 organizations worldwide, amassing approximately USD 42 million in ransom payments. This information comes from a detailed joint Cybersecurity Advisory issued by the FBI and the Cybersecurity and Infrastructure Security Agency…

Read more →