A sophisticated cyberespionage campaign, dubbed Operation RoundPress, has been uncovered by cybersecurity researchers at ESET. Attributed with medium confidence to the Russian-linked Sednit group-also known as APT28, Fancy Bear, and Forest Blizzard-this operation targets high-value webmail servers using cross-site scripting…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
DarkCloud Stealer Employs AutoIt to Evade Detection and Steal Login Credentials
Unit 42 researchers from Palo Alto Networks have uncovered a series of attacks in January 2025 involving the DarkCloud Stealer malware. This infostealer, first observed in 2022, has evolved with new tactics to bypass traditional detection mechanisms. By leveraging AutoIt…
TransferLoader Malware Enables Attackers to Execute Arbitrary Commands on Infected Systems
A formidable new malware loader, dubbed TransferLoader, has emerged as a significant cybersecurity threat, as detailed in a recent report by Zscaler ThreatLabz. Active since at least February 2025, this sophisticated malware has been observed deploying multiple components, including a…
U.S. Officials Probe Rogue Communication Devices in Solar Power Inverters
U.S. energy officials are intensifying scrutiny of Chinese-manufactured power inverters, critical components in renewable energy systems, after discovering undocumented communication equipment embedded within them. These inverters, predominantly produced in China, are essential for connecting solar panels, wind turbines, batteries, heat…
Interlock Ransomware Targeting Defense Contractors and Supply Chain Networks
The Interlock Ransomware group has emerged as a significant adversary targeting defense contractors and their intricate supply chain networks. First identified in September 2024, Interlock has rapidly shifted from opportunistic attacks across sectors like healthcare and technology to highly targeted…
Chihuahua Stealer Exploits Google Drive Document to Harvest Browser Login Credentials
A .NET-based infostealer named “Chihuahua Stealer” has been discovered using sophisticated techniques to infiltrate systems and exfiltrate sensitive data. This malware, which blends common malware strategies with unusually advanced features, was first highlighted through a Reddit post where a user…
Critical BitLocker Flaw Exploited in Minutes: Bitpixie Vulnerability Proof of Concept Unveiled
Security researchers have demonstrated a non-invasive method to bypass Microsoft BitLocker encryption on Windows devices in just five minutes without physically modifying the hardware. The Bitpixie vulnerability (CVE-2023-21563) allows attackers with brief physical access to extract BitLocker encryption keys, potentially…
Google Chrome Zero-Day Vulnerability (CVE-2025-4664) Actively Exploited in The Wild
Google has rolled out a fresh Stable Channel update for the Chrome browser across desktop platforms, including Windows, Mac, and Linux. This update elevates Chrome to version 136.0.7103.113/.114 for Windows and Mac, and 136.0.7103.113 for Linux. The deployment will occur…
Google Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop Files
Google Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect malicious .desktop files, a novel attack vector leveraged by threat actors to compromise systems. Initially documented by Zscaler researchers in 2023, this technique involves the abuse…
TA406 Hackers Target Government Entities to Steal Login Credentials
The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni, has set its sights on Ukrainian government entities. Proofpoint researchers have uncovered a dual-pronged offensive involving both credential harvesting and malware deployment through highly targeted phishing…
Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware
A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by threat actors deploying Horabot malware, predominantly targeting Spanish-speaking users in Latin America. This high-severity threat, detailed in the 2025 Global Threat Landscape Report, exploits malicious HTML…
Severe Adobe Illustrator Flaw Allows Remote Code Execution
Adobe has issued an urgent security update for its widely used graphic design software, Adobe Illustrator, following the discovery of a critical heap-based buffer overflow vulnerability tracked as CVE-2025-30330. This flaw, which allows arbitrary code execution on affected systems, impacts…
New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution
Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in Photoshop 2024 and 2025 that could enable arbitrary code execution on Windows and macOS systems. The flaws, discovered by external researcher yjdfy through Adobe’s HackerOne bug…
New HTTPBot Botnet Rapidly Expands to Target Windows Machines
The HTTPBot Botnet, a novel Trojan developed in the Go programming language, has seen a sharp rise in activity since its first detection in August 2024. According to the latest findings from NSFOCUS Fuying Lab’s Global Threat Hunting system, HTTPBot…
Researchers Unveil New Mechanism to Track Compartmentalized Cyber Threats
Cisco Talos, in collaboration with The Vertex Project, has introduced an innovative approach to tackle the rising complexity of compartmentalized cyber threats. As modern cyberattacks increasingly involve multiple threat actors executing distinct stages of an attack kill chain-such as initial…
Critical Microsoft Outlook Flaw Enables Remote Execution of Arbitrary Code
Newly disclosed vulnerability in Microsoft Outlook (CVE-2025-32705) permits attackers to execute arbitrary code on compromised systems through a memory corruption flaw. Rated 7.8 (CVSS v3.1) and classified as Important by Microsoft, this out-of-bounds read vulnerability (CWE-125) exposes email clients to…
Critical Vulnerability in Windows Remote Desktop Gateway Allows Denial-of-Service Attacks
Microsoft has disclosed two critical vulnerabilities in its Remote Desktop Gateway (RDG) service, posing significant risks to organizational networks. CVE-2025-26677 and CVE-2025-29831, both rated Important by Microsoft, enable denial-of-service (DoS) attacks and remote code execution (RCE), respectively. These flaws, patched…
Katz Stealer Malware Hits 78+ Chromium and Gecko-Based Browsers
Newly disclosed information-stealing malware dubbed Katz Stealer has emerged as a significant threat to users of Chromium and Gecko-based browsers, with capabilities to extract sensitive data from over 78 browser variants. Developed in C and Assembly (ASM) for lightweight efficiency,…
Threat Actors Exploit AI and LLM Tools for Offensive Cyber Operations
A recent report from the S2W Threat Intelligence Center, TALON, sheds light on the escalating misuse of generative AI and large language models (LLMs) by threat actors on the dark web for malicious cyber operations. As LLMs like ChatGPT, Claude,…
Healthcare Cyberattacks in 2024 Expose 276 Million Patient Records Compromised
The healthcare sector faced an unprecedented wave of cyber threats, with a staggering 92% of organizations reporting at least one cyberattack. This alarming statistic resulted in the compromise of over 276 million patient records, equating to approximately 758,000 records breached…