Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package os-info-checker-es6. First published on March 19, 2025, with initial versions appearing benign, the package rapidly evolved into a complex threat.…

Read more →

A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver Jackson, a member of the Patchstack Alliance community. This vulnerability in the plugin, which boasts over 10,000 active installations, allowed…

Read more →

Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation into suspicious approaches made to students conducting China-related research. The agent, using the alias “Charles Chen,” targeted several students over an extended period, primarily women…

Read more →

Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code, including the notorious XRed backdoor malware. The issue came to light when Cameron Coward, a YouTuber behind the channel Serial Hobbyism, attempted to review a…

Read more →

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack. Cybersecurity researchers have uncovered a multi-stage infection chain that begins with a deceptive PDF document titled “Pay Adjustment.” This document lures…

Read more →

Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical issues for numerous systems. Users report their devices are unexpectedly booting into Windows Recovery mode and requiring BitLocker recovery keys following the update installation. Windows 10…

Read more →

Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as “Aels,” has returned to Russia after evading US extradition. Released from Berlin’s Moabit Prison on January 5, 2024, Tarasov had been held for approximately six months following his July…

Read more →

Group123, a North Korean state-sponsored Advanced Persistent Threat (APT) group also known by aliases such as APT37, Reaper, and ScarCruft, continues to target Windows-based systems across multiple regions. Active since at least 2012, the group has historically focused on South…

Read more →

An macOS users, a new information-stealing malware dubbed FrigidStealer has emerged as a formidable threat since January 2025. This insidious malware capitalizes on user trust by masquerading as routine browser updates, luring unsuspecting individuals into downloading a malicious disk image…

Read more →

Federal Bureau of Investigation has issued a warning about an ongoing malicious messaging campaign targeting current and former senior US government officials and their contacts. Since April 2025, threat actors have been impersonating high-ranking US officials through text messages and…

Read more →

Critical vulnerability chain in Ivanti Endpoint Manager Mobile (EPMM) has exposed enterprise mobile device management systems to pre-authenticated remote code execution (RCE) attacks. The flaws, tracked as CVE-2025-4427 (authentication bypass) and CVE-2025-4428 (remote code execution), allow attackers to compromise systems…

Read more →

A meticulously orchestrated phishing campaign targeting Kuwait’s fisheries, telecommunications, and insurance sectors has been exposed by Hunt.io researchers, revealing a sprawling network of over 230 malicious domains and a tightly knit cluster of servers. First detected in early 2025, this…

Read more →

Jenkins, the widely used automation server for CI/CD pipelines, has released a critical security advisory addressing several vulnerabilities in popular plugins. These flaws-ranging from authentication bypasses to cross-site scripting-could allow attackers to compromise Jenkins environments, bypass authentication, or gain elevated…

Read more →

Hackers are stepping up their attacks on Industrial Control Systems (ICS) in the first quarter of 2025, employing an arsenal of 11,679 different malware families. This is a worrying development for industrial cybersecurity. According to a Kaspersky security solutions Report,…

Read more →

SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability. The flaw, identified as CVE-2025-40595 with a CVSS v3 score of 7.2, enables unauthenticated attackers to exploit…

Read more →

Security researchers successfully illustrated significant vulnerabilities across several platforms on the first day of Pwn2Own Berlin 2025, taking home a total of $260,000 in prizes. The competition featured 11 different exploit attempts, including the inaugural AI category entries. STAR Labs…

Read more →

Cybersecurity researchers have uncovered a growing trend in which threat actors are exploiting Microsoft PowerShell a legitimate Windows command-line interface to bypass advanced antivirus and Endpoint Detection and Response (EDR) defenses. This technique, often termed as “Living off the Land”…

Read more →

Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs) of the VanHelsing ransomware, a potent ransomware-as-a-service (RaaS) operation that surfaced in March 2025. This cyber threat has rapidly gained notoriety within the cybercriminal underworld for…

Read more →

Tor Project has unveiled oniux, a new command-line utility that provides comprehensive network isolation for Linux applications, ensuring all traffic routes exclusively through the Tor network. This tool aims to eliminate the risk of accidental data leaks that can occur…

Read more →

Cybersecurity giant Proofpoint has announced its agreement to acquire Hornetsecurity Group, a leading European provider of AI-powered Microsoft 365 security solutions. The deal, reportedly valued at $1 billion, is expected to close in the second half of 2025, although exact…

Read more →