Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into executing malicious commands under the guise of resolving…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware, including MDifyLoader and Cobalt Strike Beacon. These attacks, observed from December 2024 through July 2025, build on prior incidents involving SPAWNCHIMERA…
Russian Vodka Maker Beluga Struck by Ransomware Attack
Novabev Group, the parent company of premium vodka brand Beluga, has confirmed it was hit by a sophisticated ransomware attack on July 14, 2025, temporarily disrupting operations and affecting IT infrastructure across the company and its WineLab subsidiary. The Russian…
10 Best XDR (Extended Detection & Response) Solutions 2025
In 2025, the cybersecurity landscape is more fragmented and perilous than ever before. Organizations face an explosion of data sources, an increasing attack surface spanning endpoints, networks, cloud environments, and identities, and a relentless onslaught of sophisticated, multi-stage attacks. Traditional…
CISA Publishes 13 ICS Security Advisories on Critical Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen Industrial Control Systems (ICS) security advisories on July 17, 2025, highlighting critical vulnerabilities that could compromise essential infrastructure operations. This coordinated disclosure represents one of the most significant advisory releases of…
‘Daemon Ex Plist’ Vulnerability Grants Root Access on macOS
A newly disclosed vulnerability dubbed “Daemon Ex Plist” allows attackers to escalate privileges from standard user to root access on macOS systems, exploiting a timing flaw in how the operating system handles daemon configuration files. Security researcher Egor Filatov published details of…
Signal App Clone Vulnerability Actively Exploited for Password Theft
A critical vulnerability in TeleMessageTM SGNL, an enterprise messaging platform modeled after Signal, is being actively exploited by threat actors to steal passwords and sensitive data from government agencies and enterprises. The flaw, tracked as CVE-2025-48927, was added to CISA’s…
Microsoft Entra ID Flaw Enables Privilege Escalation to Global Admin
Security researchers have uncovered a critical vulnerability in Microsoft Entra ID that allows attackers to escalate privileges and gain Global Administrator access, potentially compromising entire organizational environments. This flaw represents a significant security risk for enterprises relying on Microsoft’s cloud…
BIND 9 Vulnerabilities Enable Cache Poisoning and Service Disruption
The Internet Systems Consortium (ISC) has disclosed two critical security vulnerabilities in BIND 9, one of the most widely used DNS software implementations worldwide. Published on July 16, 2025, these vulnerabilities could allow attackers to poison DNS caches and disrupt…
Hackers Abuse DNS Blind Spots to Stealthily Deliver Malware
Cybersecurity researchers have uncovered a sophisticated technique where threat actors are exploiting DNS infrastructure to covertly store and distribute malware, turning the internet’s domain name system into an unwitting accomplice for malicious activities. The discovery reveals how attackers can hide…
Microsoft Teams Exploited to Deliver Matanbuchus Ransomware Payload
A sophisticated cyberattack campaign has emerged targeting organizations through Microsoft Teams impersonation, delivering the updated Matanbuchus 3.0 malware loader that serves as a precursor to ransomware deployment. Security researchers at Morphisec have identified instances where attackers successfully compromised systems by…
Ukrainian Hackers Claim Cyberattack on Major Russian Drone Supplier
A Ukrainian woman who survived a catastrophic cluster munition attack in 2014 continues to navigate the complex aftermath of severe combat-related injuries, highlighting the long-term humanitarian consequences of explosive ordnance use in populated areas. Nelya Leonidova, 34 at the time…
H2Miner Targets Linux, Windows, and Containers to Illicitly Mine Monero
FortiGuard Labs researchers have uncovered a sophisticated cryptomining campaign where the H2Miner botnet, active since late 2019, has expanded its operations to target Linux, Windows, and containerized environments simultaneously. The campaign represents a significant evolution in cross-platform cryptocurrency mining attacks,…
SquareX Collaborates With Top Fortune 500 CISOs To Launch The Browser Security Field Manual At Black Hat
Palo Alto, California, July 17th, 2025, CyberNewsWire SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees…
Massistant: Chinese Mobile Forensic Tool Accesses SMS, Images, Audio, and GPS Data
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated mobile forensics application called Massistant, deployed by Chinese law enforcement to extract comprehensive data from confiscated mobile devices. The tool represents a significant evolution from its predecessor MFSocket, incorporating advanced…
Chinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt Strike
Proofpoint Threat Research has identified a sophisticated multi-pronged cyberespionage campaign targeting Taiwan’s semiconductor industry between March and June 2025. Three distinct Chinese state-sponsored threat actors, designated as UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp, conducted coordinated phishing operations against organizations spanning semiconductor manufacturing,…
Over 4 Million Exposed Devices Used in Two New DoS Attack Campaigns
Security researchers have discovered over 4 million vulnerable Internet hosts that can be weaponized for devastating new denial-of-service attacks, marking one of the largest infrastructure vulnerabilities uncovered in recent years. The groundbreaking research, conducted by Angelos Beitis and Mathy Vanhoef…
Researchers Reveal How Hacktivist Groups Gain Attention and Choose Their Targets
Cybersecurity researchers at Graphika have unveiled comprehensive findings on the operational dynamics of hacktivist organizations, revealing sophisticated attention-seeking behaviors and strategic target selection methodologies. Through their ATLAS intelligence reporting platform, analysts have systematically monitored approximately 700 active and inactive hacktivist…
UNG0002 Actors Weaponize LNK Files via ClickFix Fake CAPTCHA Pages
Cybersecurity researchers at Seqrite Labs have identified a sophisticated espionage group designated as UNG0002 (Unknown Group 0002) that has been conducting persistent campaigns across multiple Asian jurisdictions since May 2024. The threat actors have demonstrated remarkable adaptability by integrating social…
1-Click Oracle Cloud Code Editor RCE Flaw Allows Malicious File Upload to Shell
Tenable Research has disclosed a critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure’s Code Editor that enabled attackers to silently hijack victim Cloud Shell environments through a single malicious link. The vulnerability, which has since been remediated by…