Swedish authorities have launched formal investigations into a significant data breach affecting Miljödata, a prominent IT company whose security lapse exposed the personal information of over 1.5 million individuals. The Swedish Data Protection Authority (IMY) initiated the probe following the…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Jupyter Misconfiguration Exposes Systems to Root Privilege Escalation
Security researchers have uncovered a vulnerability in commonly misconfigured Jupyter notebook servers that allows attackers to gain root-level access on Linux systems. The flaw doesn’t stem from a bug in Jupyter itself, but rather from dangerous configuration choices that leave…
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks
A critical vulnerability discovered in the AI Engine WordPress plugin threatens over 100,000 active installations worldwide. On October 4th, 2025, security researchers identified a Sensitive Information Exposure vulnerability that allows unauthenticated attackers to extract bearer tokens and escalate their privileges…
Curly COMrades Hacker Group Deploys New Tools for Stealthy Remote Access on Compromised Windows 10 Systems
A sophisticated threat actor known as Curly COMrades has demonstrated advanced evasion capabilities by leveraging legitimate Windows virtualization features to establish covert, long-term access to victim networks. Operating to support Russian geopolitical interests, the group has deployed innovative tools and…
Security Professionals Charged for Using BlackCat Ransomware Against American Businesses
Two individuals with security backgrounds have been federally charged for orchestrating a coordinated ransomware attack campaign against American businesses using the dangerous BlackCat strain. Ryan Clifford Goldberg from Georgia and Kevin Tyler Martin from Texas face serious federal charges including…
FIN7 Hackers Leverage Windows SSH Backdoor for Stealthy Remote Access and Persistence
The notorious FIN7 cybercriminal group, also known as Savage Ladybug, continues to rely on a sophisticated Windows SSH backdoor infrastructure with minimal modifications since 2022, according to threat intelligence analysis. The threat actor has maintained operational consistency while using an…
Silent Lynx APT New Attack Targeting Governmental Employees Posing as Officials
Seqrite Labs’ APT Team has documented fresh campaigns from Silent Lynx, a sophisticated threat actor group known for orchestrating spear-phishing operations that impersonate government officials to target diplomatic and governmental employees across Central Asia. The group, also tracked under aliases…
Hackers Abuse OneDrive.exe via DLL Sideloading to Run Malicious Code
Security researchers have discovered a sophisticated attack technique that exploits Microsoft’s OneDrive application to execute malicious code without detection. The method, known as DLL sideloading, leverages the way Windows loads library files to trick legitimate applications into running attacker-controlled software.…
Attackers Exploit Microsoft Teams Flaws to Manipulate Messages and Fake Notifications
Check Point Research uncovered four critical vulnerabilities in Microsoft Teams that could allow attackers to impersonate executives, manipulate messages, alter notifications, and forge identities during video and audio calls. The research team discovered that both external guest users and malicious…
DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code
Acronis Threat Research Unit has analyzed recent activity linked to the DragonForce ransomware group and identified a new malware variant in the wild. The latest sample uses vulnerable drivers such as truesight.sys and rentdrv2.sys to disable security software, terminate protected…
Critical RCE Bug in Leading React Native NPM Module Could Allow Full System Compromise
A severe security vulnerability has been discovered in a widely used React Native development package, potentially exposing millions of developers to remote attacks. Security researchers from JFrog recently uncovered CVE-2025-11953, a critical remote code execution flaw affecting the @react-native-community/cli NPM…
Critical WordPress Post SMTP Plugin Vulnerability Puts 400,000 Sites at Risk of Account Takeover
A critical vulnerability has been discovered in the Post SMTP WordPress plugin, affecting over 400,000 active installations across the web. The vulnerability, identified as CVE-2025-11833 with a CVSS score of 9.8, allows unauthenticated attackers to access sensitive email logs and…
Android Hit by 0-Click RCE Vulnerability in Core System Component
Google has released an urgent security alert addressing a critical remote code execution vulnerability affecting Android devices worldwide. The vulnerability, tracked as CVE-2025-48593, exists in Android’s System component and requires no user interaction for exploitation, making it an exceptionally dangerous…
XLoader Malware Analyzed Using ChatGPT’s AI, Breaks RC4 Encryption Layers in Hours
Cybersecurity researchers have successfully demonstrated how artificial intelligence can dramatically accelerate malware analysis, decrypting complex XLoader samples in a fraction of the time previously required. XLoader, a sophisticated malware loader with information-stealing capabilities dating back to 2020, has long been…
Zscaler Acquires SPLX to Strengthen AI-Powered Zero Trust Security
Zscaler, a leading cloud security company, has acquired SPLX, an innovative AI security pioneer, to enhance its Zero Trust Exchange platform with advanced AI protection capabilities. The acquisition will integrate shift-left AI asset discovery, automated red teaming, and governance features…
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform, which emerged in August 2023, has become a formidable adversary against organizational security, employing advanced evasion techniques and adversary-in-the-middle (AiTM)…
Microsoft Plans to Remove Entra Accounts from Authenticator on Jailbroken Devices
Microsoft is rolling out a significant security enhancement for its Authenticator app starting February 2026, introducing jailbreak and root detection capabilities that will automatically wipe Microsoft Entra credentials from compromised devices. This move represents a strategic shift toward strengthening enterprise…
RondoDox Botnet Swells Its Arsenal — 650% Jump in Enterprise-Focused Exploits
The cybersecurity threat landscape shifted dramatically on October 30, 2025, when security researchers monitoring honeypot infrastructure detected a significantly evolved variant of the RondoDox botnet. The updated malware now features 75 distinct exploitation vectors, a fundamental expansion that transforms the…
‘SleepyDuck’ Malware in Open VSX Lets Attackers Remotely Control Windows PCs
Security researchers have identified a dangerous remote access trojan called SleepyDuck lurking in the Open VSX IDE extension marketplace, targeting developers who use code editors like Cursor and Windsurf. The malicious extension masqueraded as a legitimate Solidity programming language helper,…
Balancer DeFi Platform Hit by Major Exploit Resulting in $100M+ in Losses
The decentralised finance (DeFi) ecosystem was rocked by a significant exploit targeting Balancer, one of the leading DeFi platforms. The breach specifically impacted Balancer’s V2 Composable Stable Pools, resulting in losses that reportedly exceed $100 million. This major incident highlights…