Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose…
Microsoft Teams Launches Automatic Alerts for Malicious Links
Microsoft is significantly enhancing security for its Teams platform by introducing automatic warning systems that alert users about malicious links in chat messages. This new protective feature represents a crucial advancement in safeguarding collaboration platforms from increasingly sophisticated cyber threats…
New VMScape Spectre-BTI Attack Targets Isolation Flaws in AMD and Intel CPUs
Cybersecurity researchers at ETH Zurich have disclosed a critical new Spectre-based attack called VMSCAPE that exploits incomplete branch predictor isolation in virtualized cloud environments. The attack, tracked as CVE-2025-40300, affects multiple generations of AMD and Intel processors and enables malicious virtual machines to…
Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed
Cornwell Quality Tools, a leading automotive and industrial tool supplier, has confirmed a significant data breach that compromised the personal information of 103,782 individuals. The cybersecurity incident occurred on December 12, 2024, when unauthorized attackers gained access to the company’s…
Top 10 Best Mobile Application Penetration Testing Services in 2025
Mobile Application Penetration Testing is a critical cybersecurity service in 2025, focusing on a unique and rapidly evolving attack surface. These tests go beyond static code analysis to assess an app’s runtime behavior, server-side interactions, and how it handles sensitive…
Top 10 Best Cloud Penetration Testing Companies in 2025
Cloud is the foundation of modern business, but it comes with a complex and evolving security landscape. Traditional penetration testing, which focuses on on-premise networks and applications, is not sufficient to secure these dynamic environments. Cloud penetration testing requires specialized…
Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks
In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many high-profile command-and-control (C2) platforms, AdaptixC2 has flown under the radar, with scant public documentation demonstrating its use in live adversary…
Angular SSR Vulnerability Allows Attackers to Access Sensitive Data
A high vulnerability in Angular’s server-side rendering (SSR) feature can lead to sensitive data exposure when multiple requests are handled at the same time. This flaw, tracked as CVE-2025-59052, stems from a global race condition in the platform injector that…
Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks
In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed denial-of-service (DDoS) botnet has swelled to over 5.76 million compromised devices, unleashing unprecedented traffic against critical infrastructures. Monitored since late…
Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD
A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This technique lets an attacker abuse Kubernetes DNS to steal powerful Git credentials from ArgoCD, potentially taking over entire Git accounts.…
Kenyan Filmmakers Targeted with FlexiSPY Spyware Tracking Messages and Social Media
The revelation that commercially available FlexiSPY spyware was clandestinely installed on devices belonging to Kenyan filmmakers while in police custody has ignited fresh concerns over press freedom and governmental overreach. Forensic analysis conducted by the Citizen Lab at the University…
CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block Updates
A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches for years, effectively blocking legitimate updates. This vulnerability, tracked as CVE-2025-58063, stems from incorrect handling of etcd lease IDs. It affects every CoreDNS release from…
Cyber Attack Exposes LNER Train Passengers’ Personal Data
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details and travel histories of some passengers. No banking or password data were involved. The company says it is treating the…
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core…
kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data
The threat actor delivers three Remote Access Trojans (RATs)—ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT—via phishing sites hosted on GitHub Pages. These sites masquerade as legitimate software installers for popular applications. In each instance, a ZIP archive contains…
Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
A newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems allows service account passwords to be exposed in cleartext under certain non-default configurations. Tracked as CVE-2025-4235, the flaw carries a CVSS base score of 4.2…
PoisonSeed Threat Actor Strengthens Credential Theft Operations with New Domains
Spoof the email delivery platform SendGrid and employ fake Cloudflare CAPTCHA interstitials to lend legitimacy before redirecting unsuspecting users to credential harvesting pages. Since June 1, 2025, DomainTools Investigations has identified 21 newly registered domains exhibiting hallmarks of the eCrime…
ZynorRAT Exploits Windows and Linux Systems to Gain Remote Access
During a recent threat hunting exercise, the Sysdig Threat Research Team (TRT) identified a new sample dubbed ZynorRAT. This Go-based Remote Access Trojan (RAT) delivers a comprehensive suite of custom command-and-control (C2) capabilities for both Linux and Windows systems. First…
Wyden Urges FTC to Investigate Microsoft Over Weak RC4 Encryption Enabling Kerberoasting
Senator Ron Wyden has formally requested the Federal Trade Commission investigate Microsoft for cybersecurity negligence that has enabled ransomware attacks against critical infrastructure organizations nationwide. In a September 10 letter to FTC Chair Andrew Ferguson, Wyden detailed how Microsoft’s dangerous…