The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New AsyncRAT Forks Discovered Featuring Screamer Tool and USB Malware Spreader
Cybersecurity researchers have identified two sophisticated AsyncRAT variants that expand the remote access trojan’s capabilities with a psychological warfare component and enhanced propagation mechanisms. The newly discovered forks introduce a “Screamer” plugin designed to terrorize victims through audio manipulation and…
BaitTrap Reveals Global Web of 17,000+ Fraud-Promoting Fake News Sites
Cybersecurity firm CTM360 has unveiled an extensive network of over 17,000 Baiting News Sites (BNS), engineered by cybercriminals to disseminate investment fraud on a global scale. These deceptive platforms, identified through CTM360’s proprietary WebHunt monitoring system, masquerade as authoritative news…
Hacktivists Launch Attacks on ICS Systems to Exfiltrate Sensitive Information
Hacktivists’ attacks on Industrial Control Systems (ICS) are becoming more intense in a noticeable evolution of ideologically motivated cyber operations. They have progressed from simple Distributed Denial of Service (DDoS) attacks and website vandalism to more complex intrusions targeted at…
LaRecipe Tool with 2.3M Downloads Found Vulnerable to Full Server Takeover
A critical security vulnerability has been discovered in LaRecipe, a popular Laravel documentation package with over 2.3 million downloads, that could allow attackers to completely compromise affected servers. The vulnerability, identified as CVE-2025-53833, enables Server-Side Template Injection (SSTI) attacks that…
14 Hackers Arrested in Massive Tax Fraud Scheme, Authorities Confirm
Authorities have arrested 14 individuals in a coordinated international operation targeting a sophisticated tax fraud scheme that exploited stolen personal data to submit fraudulent claims worth over £1 million. The arrests demonstrate the growing collaboration between UK and Romanian law…
Ransomware Threat Grows as Attackers Move Into VMware and Linux
Linux has been the reliable backbone of business infrastructure for many years; it powers 96% of the top million web servers worldwide and more than 80% of workloads in public clouds. Its reputation for reliability and inherent security has long…
North Korean Hackers Exploit Zoom Invites in Attacks on Crypto Companies
Cybersecurity firm SentinelOne has exposed an ongoing malware campaign orchestrated by North Korean threat actors, known for their persistent “fake interview” scams. This operation continues to leverage spear-phishing tactics aimed at individuals and organizations within the Web3, cryptocurrency, and blockchain…
MITRE Launches AADAPT Framework to Counter Real-World Attacks on Digital Asset Systems
The MITRE Corporation has unveiled its comprehensive AADAPT™ framework (Adversarial Actions in Digital Asset Payment Technologies), a specialized knowledge base designed to catalog and counter sophisticated attacks targeting digital asset management systems, cryptocurrency exchanges, and blockchain infrastructure. The framework represents…
British Citizen Sentenced for Islamophobic WiFi Hack at UK Train Stations
John Andreas Wik, a 37-year-old resident of Limes Road in Beckenham, has been handed a 24-month prison sentence, suspended for two years, after admitting to orchestrating an Islamophobic hack of free WiFi landing pages at multiple train stations across Britain.…
Apache Tomcat Coyote Flaw Allows Attackers to Launch DoS Attacks
The Apache Software Foundation has revealed a vulnerability in the Tomcat Coyote module, specifically within the Maven artifact org.apache.tomcat:tomcat-coyote, that could enable malicious actors to orchestrate denial-of-service (DoS) attacks. This flaw stems from an uncontrolled resource consumption issue tied to…
NCC Advises Immediate Windows 11 Upgrade to Strengthen Cyberattack Defenses
The National Cyber Security Centre (NCSC) has unveiled its latest recommended configuration packs for Microsoft Windows operating systems, designed to streamline the deployment of baseline security settings. These packs distill essential configurations into a minimal set that balances usability with…
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes
A critical vulnerability in Git’s command-line interface has been disclosed with public proof-of-concept exploits available, allowing arbitrary file writes and remote code execution on Linux and macOS systems. CVE-2025-48384 affects Git installations using git clone –recursive on weaponized repositories, exploiting improper handling…
Government Organizations Targeted via AWS Lambda URL Endpoint Exploits
Unit 42 researchers from Palo Alto Networks have been monitoring a sophisticated threat cluster designated CL-STA-1020, which has been systematically targeting governmental entities across Southeast Asia. This operation focuses on extracting sensitive data from government agencies, particularly details surrounding recent…
Cybercriminals Clone CNN, BBC, and CNBC Sites to Lure Victims into Investment Fraud
Researchers have unveiled a sprawling cybercrime syndicate orchestrating an elaborate phishing and investment fraud campaign by cloning legitimate news outlets such as CNN, BBC, CNBC, News24, and ABC News. This operation leverages domain spoofing and typosquatting techniques to fabricate over…
ImageMagick Vulnerability Enables RCE via Malicious File Name Patterns
A critical vulnerability in ImageMagick’s image processing library has been disclosed, enabling remote code execution through carefully crafted filename templates. Tracked as CVE-2025-53101, the flaw stems from a stack buffer underwrite in the MagickCore/image.c module. By specifying multiple consecutive format…
CBI Uncovers Noida Tech Support Scam Targeting Victims in UK and Australia
The Central Bureau of Investigation (CBI) has made a major breakthrough in Operation Chakra-V by taking down a sophisticated global cybercrime network that was primarily targeting people in Australia and the United Kingdom with tech support frauds. This operation highlights…
Red Bull-Themed Phishing Attacks Target Job Seekers’ Credentials
A few significant investments in email filtering, authentication procedures, and endpoint protection, attackers are constantly improving their techniques to circumvent automated security measures in a time when phishing is still a major cyberthreat. A recent campaign identified by Evalian’s Security…
CISA Flags Remote Linking Protocol Flaws Allowing Attackers to Hijack Train Brake Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority security alert warning of serious vulnerabilities in railway brake control systems that could allow attackers to commandeer train operations and potentially cause catastrophic accidents. The alert, published on July…
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform
Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assigned CVE-2025-5333, affects…