Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assigned CVE-2025-5333, affects…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Issues Alert on Actively Exploited Wing FTP Server Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Wing FTP Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the security flaw in the wild. Critical Security Flaw Enables System…
Gigabyte UEFI Firmware Vulnerability Allows Code Execution in SMM Privileged Mode
Critical security vulnerabilities in Gigabyte motherboard firmware have been disclosed that allow attackers to execute arbitrary code in System Management Mode (SMM), the most privileged execution level on x86 processors. The flaws, identified by security researchers at Binarly REsearch, affect…
Microsoft Explains How to Find and Stop Processes Blocking Files in Windows
Microsoft has provided comprehensive guidance on resolving one of Windows users’ most frustrating issues: the dreaded “The process cannot access the file because it is being used by another process” error message. This common problem occurs when multiple programs attempt…
Weaponized Games: Threat Actors Target Gen Z Gamers Through Popular Titles
Kaspersky security researchers have discovered sophisticated threat actor activities that take advantage of the digitally native Gen Z population, which was born between 1997 and 2012 and is heavily involved in gaming, streaming, and anime, for malevolent purposes. Over a…
New Forensic Method Reveals Hidden Traces of RDP Exploits by Hackers
Cybersecurity researchers have unveiled advanced techniques for tracking attackers who use Remote Desktop Protocol (RDP) to move laterally through compromised networks, turning the very technology hackers rely on into a digital fingerprint that reveals their every move. The breakthrough centers…
Hackers Weaponize Compiled HTML Help to Deliver Malicious Payload
Threat actors have exploited Microsoft Compiled HTML Help (CHM) files to distribute malware, with a notable sample named deklaracja.chm uploaded to VirusTotal from Poland. This CHM file, a binary container for compressed HTML and associated objects, serves as a delivery…
Louis Vuitton Suffers Data Breach—Customer Information Stolen
Luxury fashion house Louis Vuitton has confirmed that customer data from its UK operations was compromised in a cyber-attack, marking the latest in a series of high-profile retail breaches targeting major brands. The incident, which occurred on July 2, 2025,…
RenderShock 0-Click Exploit Executes Payloads Silently via Background Process
A new class of cyberattack called RenderShock has been identified that can compromise enterprise systems without requiring any user interaction, exploiting the very productivity features designed to help workers preview and process files automatically. Unlike traditional malware that requires users…
Threats Actors Use Sophisticated Hacking Tools to Destroy Organizations Critical Infrastructure
Threat actors, ranging from state-sponsored organizations to non-state actors, are using sophisticated cyber weapons to breach and destroy vital infrastructure in a time when digital and physical security are becoming more intertwined. These tools, often manifesting as malware agents like…
KongTuke Campaign Deploys Modified Interlock RAT Using FileFix Method Against Windows Environments
Researchers from The DFIR Report, collaborating with Proofpoint, have uncovered a resilient PHP-based variant of the Interlock ransomware group’s remote access trojan (RAT), marking a significant evolution from the previously documented JavaScript-driven NodeSnake. This adaptation, observed in campaigns linked to…
WinRAR 0‑Day Exploit Listed for $80K on Dark Web Forum
A sophisticated zero-day exploit targeting WinRAR, one of the world’s most popular file compression utilities, has surfaced on a dark web marketplace with a hefty price tag of $80,000. The previously unknown remote code execution (RCE) vulnerability affects both the…
Grok-4 Jailbroken Using Echo Chamber and Crescendo Exploit Combo
Security researchers have successfully demonstrated a sophisticated jailbreak attack against Grok-4, X’s advanced AI language model, by combining two powerful exploit techniques known as Echo Chamber and Crescendo. This breakthrough highlights growing concerns about the vulnerability of large language models…
Fortinet FortiWeb Fabric Connector Flaw Enables Remote Code Execution
Security researchers have identified a severe pre-authentication SQL injection vulnerability in Fortinet’s FortiWeb Fabric Connector, designated as CVE-2025-25257, that allows unauthenticated attackers to execute unauthorized SQL commands and potentially achieve remote code execution. The vulnerability affects multiple versions of FortiWeb,…
DPC Investigates TikTok Over Transfer of EU User Data to China
The Data Protection Commission (DPC) has launched a formal inquiry into TikTok Technology Limited, scrutinizing the company’s practices regarding the transfer and storage of European Economic Area (EEA) users’ personal data to servers in China. This development stems from discrepancies…
COMmander: Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges as a lightweight, C#-based utility designed to bolster defensive telemetry by monitoring Remote Procedure Call (RPC) and Component Object Model…
Researchers Bypass Meta’s Llama Firewall Using Prompt Injection Vulnerabilities
Researchers at Trendyol, a leading e-commerce platform, have uncovered multiple vulnerabilities in Meta’s Llama Firewall, a suite of tools designed to safeguard large language models (LLMs) against malicious inputs. Llama Firewall incorporates components like PROMPT_GUARD for mitigating prompt injection attacks…
Fake Gaming and AI Companies Target Windows and macOS Users with Drainer Malware Attacks
The cybersecurity company Darktrace has uncovered a persistent, intricate social engineering campaign that targets bitcoin users, building on earlier findings by Cado Security Labs in December 2024. Threat actors are fabricating elaborate startup companies themed around AI, gaming, video conferencing,…
Bitcoin Depot Breach Exposes Data of 27,000 Crypto Users
Bitcoin Depot, Inc., a prominent cryptocurrency ATM operator, has disclosed a data breach that compromised the personal information of approximately 27,000 users. The breach, which involved unauthorized access to sensitive customer records, underscores the persistent vulnerabilities in the fintech sector,…
GPUHammer: First-Ever Rowhammer Attack Targeting NVIDIA GPUs
Researchers from the University of Toronto have unveiled the first successful Rowhammer attack on an NVIDIA GPU, specifically targeting the A6000 model equipped with GDDR6 memory. Dubbed “GPUHammer” in some circles, this exploit builds on the decade-old Rowhammer vulnerability, traditionally…