The AhnLab Security Intelligence Center (ASEC) has detected a sophisticated cyberattack targeting users of the popular text and code editor, Notepad++. Hackers have successfully manipulated a default plugin within the Notepad++ package, potentially compromising the security of countless systems. The…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Researchers Observed Visual Studio Code Extensions Stealing Users’ Sensitive Data
ReversingLabs has uncovered a series of Visual Studio Code (VS Code) extensions designed to transfer sensitive information from unsuspecting users. This discovery highlights the growing trend of supply chain attacks increasingly targeting open-source repositories and platforms. The threat landscape has…
Hosting Provider VMware ESXi Servers Hit by New SEXi Ransomware
A new ransomware variant is targeting VMware ESXi servers, a popular virtualization platform used by hosting providers worldwide. Dubbed “SEXi” by its creators, this ransomware has already made significant waves, with Powerhost’s CEO revealing a staggering ransom demand of approximately…
Gesture Jacking – New Attack That Deceives Website Visitors
The Web Platform is incredibly powerful, but regrettably, malicious websites will do everything in their power to misuse it. To prevent such exploitation, blocking actions that weren’t accompanied by a “User Gesture” is one of the weakest (but easiest to…
Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents
A group of hackers has announced the release of sensitive documents purportedly belonging to the Five Eyes Intelligence Group (FVEY), a prominent intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. The United States Department…
New XZ Utils Backdoor Free Scanner to Detect Malicious Executables
A critical vulnerability has been discovered in XZ Utils, a widely used data compression tool across Unix-like operating systems, including Linux. This vulnerability, identified as CVE-2024-3094, involves a backdoor that could potentially allow unauthorized remote access, posing a significant threat…
Microsoft’s Exchange Server Hack: Key Rotation Flaw Triggers Breach
Storm-0558, a cyberespionage group affiliated with the People’s Republic of China, has reportedly compromised Microsoft Exchange mailboxes of 22 organizations and over 500 individuals between May and June 2023. This was done by using authentication tokens of accounts that were…
Jackson County Missouri Ransomware Attack Impacts IT Systems
Jackson County, Missouri, has become the latest victim of a ransomware attack, which has caused substantial disruptions within its Information Technology (IT) systems. This attack has highlighted the vulnerabilities in digital infrastructures and the cascading effects such disruptions can have…
Beware of New Mighty Stealer That Takes Webcam Pictures & Capture Cookies
A new menace has emerged that targets personal information with alarming precision. Dubbed the “Mighty Stealer,” this malicious software is designed to infiltrate devices and extract a wide range of sensitive data. The Mighty Stealer is a sophisticated malware that…
DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams
DarkGate loader delivery surged after the Qakbot takedown, with financially motivated actors like TA577 and ransomware groups (BianLian, Black Basta) using it to target financial institutions (US, Europe) for double extortion. It establishes an initial foothold and deploys info-stealers, ransomware,…
Authentic8 launches Silo Shield Program to Protect High-Risk Communities in Partnership with CISA
Authentic8, provider of the leading OSINT research platform Silo for Research, today launched their Silo Shield Program to enhance online security for high-risk communities. Also today, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched a webpage listing free tools…
5 Major Phishing Campaigns in March 2024
March saw many notable phishing attacks, with criminals using new tactics and approaches to target unsuspecting victims. It is time to explore five of the most noteworthy campaigns to understand the current threat landscape better. Pay close attention to…
4 Incident Triage Best Practices for Your Organization in 2024
Maintaining uninterrupted services is vital for any organization. The backbone of ensuring this continuous uptime lies in the Incident Management process. Incident triage is a significant component of this process. It enables organizations to prioritize and address potential incidents efficiently.…
Swalwell for Congress Campaign Partners with Wolfsbane.ai to Protect Against AI-Generated Cloning
Today, Congressman Eric Swalwell, CA-14, announced that he has partnered with Wolfsbane.ai to help prevent his 2024 election campaign content from being used to create AI clones and deepfakes. Wolfsbane.ai will use its patent-pending technology to encode Rep. Swalwell’s campaign…
Indian Govt Rescues 250 Citizens Trapped In Cambodia Forced Into Cyber-Slavery
A massive cyber fraud operation targeting Indians in Cambodia has emerged, with an estimated Rs 500 crore stolen in six months. Over 5,000 Indian nationals are reportedly being held against their will and forced to participate in the elaborate scheme.…
PandaBuy Data Breach: 1.3 Million Customers Data Leaked
PandaBuy, a popular online shopping platform, has been the victim of a significant data breach. This breach has resulted in the leak of personal information belonging to more than 1.3 million customers. The incident has raised serious concerns about cybersecurity…
Google to Delete Billions of User’s Personal Data Collected Via Chrome Browser
Google has agreed to delete billions of data records that reflect the private browsing activities of users. This decision comes as part of a settlement for a lawsuit that accused the tech giant of improperly tracking users’ web-browsing habits who…
Pentagon Releases Cybersecurity Strategy To Strengthen Defense Industrial Base
The DoD DIB Cybersecurity Strategy is a three-year plan (FY24-27) to improve cybersecurity for defense contractors that aims to create a secure and resilient information environment for the Defense Industrial Base (DIB). It will be achieved through collaboration between DoD…
xz-utils Backdoor Affects Kali Linux Installations – How to Check for Infection
A critical vulnerability has been identified in the xz-utils package, versions 5.6.0 to 5.6.1, which harbors a backdoor capable of compromising system security. This vulnerability, cataloged under CVE-2024-3094, poses a significant threat to the Linux ecosystem, including the widely used…
Live Forensic Techniques To Detect Ransomware Infection On Linux Machines
Ransomware, initially a Windows threat, now targets Linux systems, endangering IoT ecosystems. Linux ransomware employs diverse encryption methods, evading traditional forensics. Still developing, it shows potential for Windows-level impact. Early awareness allows for assessing IoT security implications. The following cybersecurity…