Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A critical vulnerability, tracked as CVE-2025-49826, has been discovered and addressed in the popular React-based web framework, Next.js. The flaw, present in versions >=15.1.0 and <15.1.8, allowed attackers to exploit a cache poisoning bug, potentially leading to a Denial of Service (DoS)…

Read more →

A newly disclosed vulnerability, tracked as CVE-2025-34067, has been identified in HIKVISION’s widely deployed security management platform, applyCT (also known as HikCentral).  This critical flaw allows unauthenticated remote code execution (RCE), putting countless surveillance and security infrastructures at risk across government,…

Read more →

Security researchers have discovered novel ways to identify and take advantage of Microsoft Azure Arc in business settings, which is a major advancement in cybersecurity and may reveal weaknesses in this hybrid management system. Introduced in 2019, Azure Arc extends…

Read more →

A security researcher has uncovered a significant vulnerability affecting Lenovo computers: a writable file within the Windows directory that can be exploited to bypass AppLocker restrictions. The file in question, C:\Windows\MFGSTAT.zip, is present on many Lenovo machines that ship with…

Read more →

A sophisticated cyberattack targeting unsecured Java Debug Wire Protocol (JDWP) interfaces on honeypot servers running TeamCity, a popular CI/CD application, has been discovered, according to a startling disclosure from the Wiz Research Team. The team observed that within mere hours…

Read more →

HUMAN’s Satori Threat Intelligence and Research Team has dismantled a sprawling ad fraud operation named IconAds, which infiltrated the Google Play Store with 352 malicious apps. At its peak, this scheme generated a staggering 1.2 billion bid requests daily, flooding…

Read more →

Threat actors have developed a clever social engineering technique to disseminate malware by posing as trustworthy security measures, which is a terrifying new development in the realm of cybercrime. Cybersecurity researchers have uncovered a malicious campaign that leverages fake Cloudflare…

Read more →

A new credential-stealing malware, dubbed “123 | Stealer,” has surfaced on underground cybercrime forums, with the threat actor known as #koneko offering the tool for rent at $120 per month. The malware, which is being marketed as a powerful and flexible information stealer,…

Read more →

In a breakthrough that challenges the perceived safety of nonce-based Content Security Policy (CSP), security researchers have demonstrated a practical method to bypass these protections by combining HTML injection, CSS-based nonce leakage, and browser cache manipulation. The Setup: A Realistic…

Read more →

A major security lapse has exposed the credentials of over 62,000 users of Catwatchful, a full-featured Android spyware app that openly markets itself as a tool for covert surveillance. The breach, discovered by a security researcher, highlights the persistent risks…

Read more →

Security researchers have disclosed two significant vulnerabilities in PHP, the popular server-side scripting language, that could allow attackers to launch SQL injection (SQLi) and Denial of Service (DoS) attacks. According to the report, Administrators and developers are urged to update…

Read more →

A sophisticated phishing campaign, initially spotlighted by Mexican journalist Ignacio Gómez Villaseñor, has evolved into a sprawling global threat, as revealed by Silent Push Threat Analysts. What began as a targeted attack on Spanish-language audiences during Mexico’s “Hot Sale 2025”…

Read more →

NSFOCUS Fuying Lab’s Global Threat Hunting System has discovered a new botnet family called “hpingbot” that has been quickly expanding since June 2025, marking a significant shift in the cybersecurity scene. This cross-platform botnet, built from scratch using the Go…

Read more →

Token Security experts recently conducted a thorough investigation that exposed serious security weaknesses in Microsoft Azure’s Role-Based Access Control (RBAC) architecture. Azure RBAC, the backbone of permission management in the cloud platform, allows administrators to assign roles to users, groups,…

Read more →

The Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel, sparking immediate concern among cybersecurity experts and organizations worldwide. Apache Tomcat, a popular platform for running Java-based web applications, was…

Read more →

Citrix has issued an urgent advisory for NetScaler users following the release of builds 14.1.47.46 and 13.1.59.19, warning of potential authentication disruptions stemming from a 16c3 a newly implemented security feature. As part of Citrix’s secure-by-design and secure-by-default initiative, the…

Read more →

Threat actors have dramatically increased their exploitation of the cybersecurity sector, which is a disturbing development. Spain’s country code TLD, ES, is used to plan credential phishing attacks. According to recent findings from Cofense Intelligence, the abuse of .ES TLD…

Read more →

Dylan, 13, has accomplished a remarkable achievement by becoming the youngest security researcher to work with the Microsoft Security Response Center (MSRC), leaving his mark on the history of cybersecurity. His journey from tinkering with Scratch, a visual programming language…

Read more →

The ongoing Russia-Ukraine conflict, which intensified in 2022, continues to reshape the cybercrime landscape in 2025, with hacktivism emerging as a potent weapon in geopolitical disputes. Since the war’s outbreak, pro-Russian and pro-Ukrainian hacktivist groups have waged a parallel battle…

Read more →

Microsoft has released a critical security update for its Edge browser, addressing a high-severity vulnerability in the Chromium engine that is currently being exploited in the wild. The update, available in Microsoft Edge Stable Channel Version 138.0.3351.65, patches CVE-2025-6554—a flaw…

Read more →

Let’s Encrypt, a leading certificate authority (CA) known for providing free SSL/TLS certificates since 2015, has issued its first-ever certificate for an IP address. This development, announced earlier in January, marks a significant step in expanding secure communication options for…

Read more →

Microsoft has officially confirmed that its recent Windows 11 update, KB5060829, is causing unexpected error entries in the Windows Firewall With Advanced Security logs. The company has assured users and IT administrators that these errors, while potentially alarming, do not…

Read more →

A new malware loader dubbed “BUBBAS GATE” has surfaced on underground forums and Telegram channels, drawing attention for its bold claims of advanced evasion capabilities, including bypassing Microsoft’s SmartScreen and modern AV/EDR solutions. The loader was first advertised on June 22, 2025,…

Read more →

A newly disclosed vulnerability in the Sudo command-line tool, present for over 12 years, has exposed countless Linux and Unix-like systems to the risk of local privilege escalation, allowing attackers to gain root access without sophisticated exploits. The flaw, tracked…

Read more →

Two newly disclosed vulnerabilities in Anthropic’s Filesystem Model Context Protocol (MCP) Server—CVE-2025-53110 and CVE-2025-53109—have exposed AI-powered environments to severe risks, including sandbox escapes, unauthorized file access, and arbitrary code execution. These flaws, discovered by Cymulate Research Labs, highlight urgent security challenges as…

Read more →

A new wave of cyber risk is emerging as AI-powered tools like ChatGPT and Perplexity become default search and answer engines for millions. Recent research by Netcraft has revealed that these large language models (LLMs) are not just making innocent…

Read more →

Microsoft announced that it will lay off approximately 9,000 employees worldwide, representing nearly 4% of its global workforce of 228,000 as of June 2024. This move marks the company’s second significant round of job cuts this year, following the elimination…

Read more →

Ransomware assaults on businesses around the world have increased by 213% in the first quarter of 2025, with 2,314 victims reported over 74 distinct data breach sites, compared to just 1,086 in the first quarter of 2024. This is a…

Read more →

A newly disclosed vulnerability in Apache Seata, a popular open-source distributed transaction solution, has raised security concerns for organizations relying on affected versions. The flaw, tracked as CVE-2025-32897, enables the deserialization of untrusted data within the Seata server, potentially exposing systems to remote…

Read more →

A shadowy group known as Keymous+ has emerged as a formidable force in the cyber landscape, claiming responsibility for over 700 Distributed Denial of Service (DDoS) attacks in 2025 alone. Operating with a self-proclaimed identity as “North African hackers,” the…

Read more →

A newly disclosed, critical vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME) has exposed organizations to the risk of full system compromise. Tracked as CVE-2025-20309 and assigned a maximum CVSS score of 10.0, the flaw allows…

Read more →

A newly disclosed critical vulnerability in Wing FTP Server threatens thousands of organizations worldwide, enabling attackers to achieve full server takeover through unauthenticated remote code execution (RCE). The flaw, tracked as CVE-2025-47812, has been assigned a maximum CVSSv4 score of 10.0, underscoring its severity and ease…

Read more →

A newly disclosed vulnerability in ModSecurity, a widely used open-source web application firewall (WAF), exposes servers to denial-of-service (DoS) attacks by exploiting a flaw in the way the software parses empty XML elements. The flaw, registered as CVE-2025-52891, affects ModSecurity versions 2.9.8…

Read more →

A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The flaw, cataloged as GCVE-1-2025-0002, was identified by Italian security researcher Lorenzo N and published…

Read more →

Ruichen Xiong, a student from China, has been sentenced to over a year in prison at Inner London Crown Court for orchestrating a large-scale smishing (SMS phishing) campaign. Xiong deployed a sophisticated SMS Blaster device from the boot of his…

Read more →

Gamaredon, a Russia-aligned advanced persistent threat (APT) group attributed by Ukraine’s Security Service (SSU) to the FSB’s 18th Center of Information Security, has exclusively targeted Ukrainian governmental institutions throughout 2024, abandoning prior attempts to hit NATO countries. According to ESET…

Read more →

Cisco’s Talos security team has uncovered a surge in sophisticated phishing campaigns leveraging malicious PDF payloads to impersonate trusted brands like Microsoft, DocuSign, and Dropbox. According to a recent update to Cisco’s brand impersonation detection engine, these attacks have expanded…

Read more →

Esse Health, a prominent healthcare provider, disclosed a data breach that has potentially exposed the personal and medical information of approximately 263,000 patients. The breach, detected on April 2025, involved unauthorized access to the organization’s network by a cybercriminal who…

Read more →

A sophisticated campaign by North Korean (DPRK)-aligned threat actors targeting Web3 and cryptocurrency businesses has been uncovered, showcasing an alarming evolution in macOS malware tactics. According to detailed analysis by SentinelLABS, alongside corroborating reports from Huntabil.IT and Huntress, the attackers…

Read more →

OX Research conducted a ground-breaking study in May and June 2025 that revealed concerning security flaws in the extension verification procedures of some of the most popular Integrated Development Environments (IDEs), such as Visual Studio Code (VSCode), Visual Studio, IntelliJ…

Read more →

A critical security flaw has been discovered in the widely used YONO SBI: Banking & Lifestyle app, potentially exposing millions of users to man-in-the-middle (MITM) attacks and putting sensitive financial data at risk. The vulnerability, catalogued as CVE-2025-45080, affects version…

Read more →

Microsoft has announced it will discontinue password management features in its widely used Authenticator app, marking a significant shift in its approach to digital security. Starting July 2025, the app’s autofill capability will be disabled, and by August 2025, all…

Read more →

Microsoft has announced a significant security upgrade for its Office 365 platform, introducing a new Mail Bombing Detection feature within Microsoft Defender for Office 365. This enhancement, rolling out globally from late June through early July 2025, is designed to…

Read more →

Hackers are exploiting poorly managed Linux servers, particularly those with weak SSH credentials, to install proxy tools such as TinyProxy and Sing-box. The AhnLab Security Intelligence Center (ASEC) has been closely monitoring these intrusions through honeypots mimicking vulnerable SSH services.…

Read more →

The International Criminal Court (ICC), the global tribunal responsible for prosecuting serious international crimes, has been targeted by a sophisticated and highly focused cyberattack late last week. The Court confirmed that the incident, which marks the second such breach in…

Read more →

A sophisticated email-based attack distributing a Remote Access Trojan (RAT) known as DCRat has been recently identified by the FortiMail IR team, specifically targeting organizations in Colombia. The campaign, impersonating a Colombian government entity, leverages advanced evasion techniques to compromise…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert after adding two newly discovered vulnerabilities in the TeleMessage TM SGNL messaging platform to its Known Exploited Vulnerabilities (KEV) Catalog. These flaws CVE-2025-48927 and CVE-2025-48928, are confirmed…

Read more →

The Internet, once dominated by human interaction, is undergoing a seismic shift as bots now constitute approximately 30% of global web traffic, according to recent Cloudflare Radar data. In certain regions, automated traffic even outpaces human activity, signaling a transformative…

Read more →

A newly identified attack vector, dubbed the “FileFix Attack,” has surfaced, exploiting a subtle yet critical loophole in how modern browsers like Google Chrome and Microsoft Edge handle saved web content. This technique cunningly sidesteps the Windows Mark-of-the-Web (MOTW) security…

Read more →

Qantas Airways, Australia’s flagship carrier, has confirmed a major cyberattack that compromised the personal data of up to six million customers, marking one of the largest data breaches in the country’s aviation history. The breach, discovered earlier this week, targeted…

Read more →

The French National Agency for the Security of Information Systems (ANSSI) has uncovered a sophisticated cyberattack campaign orchestrated by a threat group dubbed “Houken.” This group, suspected to be linked to the Chinese intrusion set UNC5174, exploited multiple zero-day vulnerabilities…

Read more →

A critical security vulnerability has been discovered and patched in Tenable’s Nessus vulnerability scanner for Windows, potentially allowing non-administrative users to overwrite any system file with SYSTEM-level privileges. This flaw, tracked as CVE-2025-36630, impacts all Nessus versions prior to 10.8.5…

Read more →

Microsoft has confirmed a significant issue affecting its Intune security baseline update process, causing concern among IT administrators worldwide. The problem, acknowledged by Microsoft in late June, results in custom security baseline configurations being lost when updating to a newer…

Read more →

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sweeping sanctions on Aeza Group, a Russia-based bulletproof hosting (BPH) provider, for its pivotal role in enabling global cybercrime, including ransomware attacks, data theft, and illicit drug…

Read more →

A critical security flaw in the popular Forminator WordPress plugin has put more than 600,000 websites worldwide at risk of remote takeover, according to recent disclosures from security firm Wordfence and independent researchers.  The vulnerability, tracked as CVE-2025-6463 and rated 8.8 (High) on the…

Read more →

A newly disclosed vulnerability in Anthropic’s Model Context Protocol (MCP) Inspector tool has sent shockwaves through the AI development community, exposing a critical attack vector that could allow hackers to execute arbitrary code on developers’ machines—simply by luring them to…

Read more →

The S2 Group Intelligence team has uncovered a Russian-origin malware known as Snake Keylogger, a stealer coded in .NET, leveraging legitimate Java utilities to bypass security tools. This operation, distributed via a Malware as a Service (MaaS) model, targets diverse…

Read more →

A series of sophisticated cyberattacks targeting over 20 vital sectors in Israel and its allies has been launched by more than 80 hacktivist groups in a major escalation of cyberwarfare that parallels the ongoing Iran-Israel confrontation. Following Israel’s recent airstrikes…

Read more →

The North Korean state-sponsored hacker collective Kimsuky has been found to use a dishonest technique called “ClickFix” to compromise victim machines in a number of concerning cyberattacks. First documented by Proofpoint in April 2024, ClickFix manipulates users into executing malicious…

Read more →

The cybercriminal group TA829, also tracked under aliases like RomCom, Void Rabisu, and Tropical Scorpius, has been observed deploying sophisticated tactics, techniques, and procedures (TTPs) alongside an updated version of its infamous RomCom backdoor, now dubbed SingleCamper (aka SnipBot). This…

Read more →

A new ransomware variant, dubbed DEVMAN, has surfaced in the cyberthreat landscape, showcasing a complex lineage tied to the notorious DragonForce family. Built on a foundation of DragonForce and Conti codebases, DEVMAN introduces unique identifiers such as the .DEVMAN file…

Read more →

A series of critical vulnerabilities have been discovered in MICROSENS NMP Web+, a widely used network management platform for industrial and critical manufacturing environments, putting thousands of organizations worldwide at significant risk of cyberattack. The flaws, reported by security researchers…

Read more →

The Swiss government has confirmed that sensitive federal data has been leaked onto the dark web following a ransomware attack on Radix, a non-profit health promotion foundation serving multiple federal offices. The breach, attributed to the Sarcoma ransomware group, has…

Read more →

Multiple security vulnerabilities in IBM Cloud Pak System enable remote attackers to execute HTML injection attacks, potentially compromising user data and system integrity. These flaws, detailed in recent IBM security bulletins, affect various versions of the platform and expose organizations…

Read more →

A recent in-depth investigation by Intrinsec has exposed a sprawling network of over 300 cracking websites, orchestrated by Pakistani freelancers, designed to distribute info-stealing malware. These sites, often masquerading as legitimate sources for cracked software, have been identified as a…

Read more →

Microsoft Teams is set to revolutionize workplace collaboration once again, rolling out a highly anticipated feature that enables users to add bots and agents directly within Chats and Channels, without disrupting their ongoing conversations. The update, announced under Message ID…

Read more →

Cybersecurity researchers have unveiled a new attack—dubbed the “C4 Bomb” (Chrome Cookie Cipher Cracker)—that successfully bypasses Google Chrome’s much-touted AppBound Cookie Encryption. This breakthrough exposes millions of users to renewed risks of cookie theft, credential compromise, and potential data breaches,…

Read more →

Linus Torvalds has officially announced the release of Linux 6.16-rc4, marking the halfway point in the development cycle for the upcoming 6.16 kernel. Despite a notably large merge window, Torvalds described the release candidate process as “fairly calm,” signaling a smooth…

Read more →

A sophisticated malware campaign targeting WordPress websites has recently been uncovered, showcasing an intricate and stealthy approach to delivering a Windows-based trojan. This attack, which operates beneath the surface of seemingly clean websites, employs a layered infection chain involving PHP-based…

Read more →

Trustwave SpiderLabs has uncovered a chilling cyber threat targeting Latin American organizations, particularly in the financial sector, with a focus on Colombian institutions. The threat cluster, linked to the notorious Proton66 OOO infrastructure, employs a cunning mix of open-source Remote…

Read more →

Microsoft Threat Intelligence has uncovered a sophisticated operation by North Korean remote IT workers who are leveraging cutting-edge artificial intelligence (AI) tools to infiltrate organizations worldwide. Since at least 2020, these highly skilled individuals, often based in North Korea, China,…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), has issued a stern warning about potential cyberattacks by Iranian state-sponsored or…

Read more →

Security researchers have uncovered severe vulnerabilities in Django that could allow attackers to execute arbitrary code on affected systems. These flaws, ranging from directory traversal to log injection, highlight critical security risks in one of Python’s most popular web frameworks.…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert following the addition of a critical Citrix NetScaler vulnerability—CVE-2025-6543—to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation in the wild. Vulnerability Details CVE-2025-6543 is…

Read more →

Europol and international law enforcement have dismantled a sprawling cryptocurrency investment fraud network that allegedly defrauded more than 5,000 victims globally, laundering at least €460 million ($540 million) in illicit funds. The arrests, carried out on June 25, 2025, mark…

Read more →

The U.S. Department of Justice (DOJ) has announced a major crackdown on North Korea’s covert use of remote information technology (IT) workers to siphon millions from American companies and fund its weapons programs. The coordinated law enforcement actions, resulted in…

Read more →

Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers. The flaw, tracked as CVE-2025-6554, is a type confusion vulnerability in Chrome’s V8 JavaScript engine, which underpins the browser’s ability…

Read more →

A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack chain, analyzed in ANY.RUN’s Interactive Sandbox, leverages a combination of User Account Control (UAC) bypass techniques, obfuscated scripts, Living Off…

Read more →

The Pi Network community eagerly celebrated Pi2Day, an event traditionally associated with platform updates, feature launches, and significant milestones. However, this year’s festivities have been overshadowed by a sinister wave of cyberattacks. Cybercriminals have capitalized on the event’s hype, launching…

Read more →

DragonForce Ransomware has emerged as a formidable player in the Ransomware-as-a-Service (RaaS) landscape since its debut in December 2023. Initially rooted in ideologically driven cyberattacks, the group has pivoted to financially motivated operations, establishing itself as a key threat actor…

Read more →

A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet. Identified as CVE-2025-3248 and carrying a near-perfect CVSS score of 9.8, this unauthenticated remote…

Read more →

Berlin’s data protection commissioner, Meike Kamp, has raised serious alarms over the Chinese AI application DeepSeek, accusing the company of unlawfully transferring personal data of German users to China in violation of the European Union’s stringent General Data Protection Regulation…

Read more →

Hackers successfully took control of critical operational systems at a dam facility near Risevatnet in Bremanger, Norway, during April. The attackers managed to seize command over the minimum water flow controls and gained access to the dam’s valve closure mechanism,…

Read more →

Glasgow City Council has issued an urgent alert to drivers across the region following a surge in scam text messages targeting unsuspecting motorists with fraudulent demands for parking fine payments. The authority has confirmed that these deceptive communications, often embedded…

Read more →

As cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new open-source tool called RIFT to help security analysts combat this growing threat. Rust, renowned for its…

Read more →

A series of critical security vulnerabilities have been identified in D-Link DIR-816 routers, exposing users worldwide to the risk of remote code execution and network compromise.  The flaws affect all hardware revisions and firmware versions of the DIR-816 (non-US), which…

Read more →

The notorious hacking collective Scattered Spider, also known as UNC3944 or Octo Tempest, has emerged as a formidable threat to high-value industries, with a particular focus on technology, finance, and retail sectors. Recent research reveals that 81% of the group’s…

Read more →

A malicious campaign has emerged, targeting Chinese-speaking users through fake installers of popular software such as WPS Office, Sogou, and DeepSeek. This operation, attributed with medium confidence to the China-based adversary group Silver Fox, leverages phishing websites that mimic legitimate…

Read more →

A threat actor using the RansomHub ransomware carried out a painstakingly planned attack beginning in November 2024 in a terrifying cyber intrusion that was recently reported by DFIR Labs. The assault began with a password spray attack targeting an exposed…

Read more →

The Canadian government has ordered Hikvision, one of the world’s largest manufacturers of surveillance cameras, to halt all operations in Canada and shut down its local business. The decision, announced late Friday by Industry Minister Mélanie Joly, follows a comprehensive…

Read more →

A groundbreaking report titled “The State of Ransomware 2025” by Sophos, released in June 2025, has shed light on the persistent and evolving threat of ransomware attacks targeting organizations worldwide. The study, based on responses from 3,400 victims, identifies exploited…

Read more →

Ahold Delhaize USA Services, LLC, a major grocery retail operator, has confirmed a significant data breach that compromised the personal information of over 2.2 million shoppers across the United States, including nearly 100,000 residents of Maine. The breach, which was…

Read more →

A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated attackers. This flaw, which affects widely deployed versions 8.5 and 9.0, is rated with a CVSS…

Read more →

A critical vulnerability in Synology’s Active Backup for Microsoft 365 (ABM) has exposed sensitive data from Microsoft 365 tenants worldwide, potentially impacting over a million organizations relying on the popular backup solution. The flaw, tracked as CVE-2025-4679, allowed attackers to access confidential Microsoft…

Read more →

A newly released offensive cybersecurity toolkit, Zig Strike, is making waves in the security community for its advanced ability to generate payloads that evade traditional and next-generation security defenses, including antivirus (AV), Endpoint Detection and Response (EDR), and Extended Detection and…

Read more →

In a major security revelation, researchers have uncovered critical vulnerabilities in millions of Bluetooth headphones and earbuds, enabling hackers to eavesdrop on conversations, hijack devices, and access sensitive data—all without user authentication or pairing. The flaws, discovered by German security…

Read more →

The Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the threat group UAC-0226. Initially identified as a rudimentary browser data stealer in early 2025, this malware has undergone rapid evolution…

Read more →

ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but now spreading worldwide. According to the ESET Threat Report H1 2025, the incidence of NFC-related attacks has skyrocketed, with telemetry…

Read more →

Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and Linux systems. The campaign, which showcases a blend of publicly available tools and custom malicious payloads, indicates a highly coordinated…

Read more →

A sophisticated social engineering campaign has surfaced on TikTok, leveraging the platform’s massive user base and algorithmic reach to distribute information-stealing malware, specifically Vidar and StealC. Identified by Trend Research, this attack uses potentially AI-generated videos to deceive users into…

Read more →