Researchers have unearthed details of the Pterodo malware family, notably the PteroLNK variant used by the Russian-nexus threat group, Gamaredon. The group, which is believed to be associated with Russia’s Federal Security Service (FSB), has been targeting Ukrainian entities, focusing…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Weaponized Amazon Gift Cards Used to Steal Microsoft Credentials
Cybercriminals are exploiting the trust in e-gift cards and the prestige of Amazon to steal Microsoft credentials from unsuspecting employees. The attack begins with an email, disguised as a “Reward Gateway” message from a victim’s employer, promising a $200 Amazon…
Ghost Ransomware Targets Organizations Across 70+ Countries
A new ransomware variant known as “Ghost” (also referred to as Cring) has emerged as a significant danger. Following its first appearance in 2021, the FBI and CISA issued a joint advisory in February 2025, highlighting its growing menace,…
China Plans Expanded Cybersecurity Cooperation with Russia
China has announced a significant step forward in its partnership with Russia, with plans to expand their cooperation in the field of cybersecurity. In an article published by Sputnik News, Chinese Ambassador to Russia Zhang Hanhui outlined Beijing’s intention to…
Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems
A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools with external systems, has exposed organizations to risks of data theft, ransomware, and unauthorized access. Security researchers demonstrated two proof-of-concept…
3 Security Decisions That Could Make or Break Your Career This Year
In today’s rapidly evolving digital landscape, security has evolved from a technical concern into a strategic leadership imperative. As cyber threats become more sophisticated and regulatory requirements more stringent, the security decisions you make as a leader can significantly…
Harvest Ransomware Attack: Stolen Data Now Publicly Disclosed
French fintech leader Harvest SAS has become the latest high-profile victim of a sophisticated ransomware attack, culminating this week in the public release of a trove of sensitive stolen data. The breach, orchestrated by the rapidly emerging cybercriminal group known as Run Some…
Critical Erlang/OTP SSH Vulnerability Allows Hackers to Execute Arbitrary Code Remotely
A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation, drawing urgent attention from the cybersecurity community worldwide. The vulnerability, tracked as CVE-2025-32433, exposes systems to unauthenticated remote code execution, potentially allowing hackers to fully compromise affected…
Chinese Hacker Group Mustang Panda Bypasses EDR Detection With New Hacking Tools
The China-sponsored hacking group Mustang Panda has been found by Zscaler ThreatLabz to be employing new techniques and tools, including the updated backdoor ToneShell and a novel tool named StarProxy, to evade endpoint detection and response (EDR) systems. Mustang Panda’s New…
CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports of possible unauthorized access to a legacy Oracle Cloud environment. While the full scope and impact of the incident remain under investigation, CISA’s alert underscores serious…
Critical Flaw in PHP’s extract() Function Enables Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function has been uncovered, enabling attackers to execute arbitrary code by exploiting memory corruption flaws. The issue affects PHP versions 5.x, 7.x, and 8.x, allowing malicious actors to trigger double-free (PHP 5.x) or use-after-free (PHP 7.x/8.x) conditions, ultimately leading to…
Intel Sells 51% Stake in Altera to Silver Lake in $8.75 Billion Deal
Intel Corporation has announced the divestiture of a 51% stake in its Altera division to Silver Lake, valuing the programmable logic company at $8.75 billion. This transaction marks a significant shift in Intel’s focus, enabling the tech giant to streamline…
Agent Tesla Malware Uses Multi-Stage Attacks with PowerShell Scripts
Researchers from Palo Alto Networks have uncovered a series of malicious spam campaigns leveraging the notorious Agent Tesla malware through intricate, multi-stage infection vectors. The attack begins innocuously enough with the receipt of a socially engineered email, often crafted to…
Hacker Leaks 33,000 Employee Records in Third-Party API Breach
A hacker has exposed the personal records of over 33,000 employees after discovering unrestricted endpoints belonging to a major technology service provider. The breach, first reported by cybersecurity platform CloudSEK’s BeVigil, highlights alarming gaps in API security that could have…
Google Removes 5.5 Billion Malicious Ads, Suspends 700,000+ Offending Advertisers
Google has announced the removal of 5.5 billion malicious advertisements and the suspension of over 700,000 offending advertiser accounts in 2024, according to its recently released Ads Safety Report. This accomplishment underscores Google’s ongoing commitment to fighting digital ad fraud,…
CISA Issues Alert on SonicWall Flaw Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert after confirming active exploitation of a SonicWall vulnerability. The flaw, documented as CVE-2021-20035, targets SonicWall’s SMA100 series appliances and has been added to CISA’s Known Exploited Vulnerabilities Catalog.…
Advanced Log Correlation Techniques For Real-Time Threat Detection
Log correlation has emerged as an essential technique, enabling security teams to connect seemingly isolated events across diverse systems to identify sophisticated attack patterns. By analyzing log data from different sources, organizations can detect advanced persistent threats that might otherwise…
NetFlow and PCAP Logs Reveal Multi-Stage Attacks In Corporate Networks
In the modern enterprise, network security teams face the daunting challenge of detecting and responding to multi-stage attacks that unfold over days or even weeks. Two of the most powerful tools in this battle are NetFlow and PCAP. NetFlow, often…
Cisco Webex Vulnerability Lets Hackers Execute Code Through Malicious Meeting Links
Cisco has disclosed a high-severity vulnerability in its widely used Webex App, warning users that attackers could exploit the flaw to execute arbitrary code on targeted computers. Tracked as CVE-2025-20236, the vulnerability arises from improper input validation in the app’s custom…
2 Apple Zero-Day Vulnerabilities Actively Exploited in “Extremely” Sophisticated iOS Attacks
Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed at specific iOS users. The flaws, found in the CoreAudio and RPAC components, posed serious risks,…