Insikt Group has uncovered new infrastructure tied to the Israeli spyware vendor Candiru, now operating under Saito Tech Ltd., highlighting the persistent deployment of its advanced DevilsTongue malware. Utilizing Recorded Future Network Intelligence, researchers identified eight distinct operational clusters, each…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CAPTCHAgeddon: Fake CAPTCHA Used in New ClickFix Attack to Deploy Malware Payload
ClickFix, which began as a red-team simulation tool in September 2024, has quickly developed into a widespread malware delivery system that outcompetes its predecessors, such as the ClearFake phony browser update fraud. Initially demonstrated by security researcher John Hammond for…
Fake Antivirus App Delivers LunaSpy Malware to Android Devices
A sophisticated cybercrime campaign has been discovered targeting Android users through fake antivirus applications that actually deliver LunaSpy spyware to victims’ devices. Security researchers have identified this malicious operation as an active threat that exploits users’ security concerns to gain…
WhatsApp Adds Security Feature to Help Users Spot and Avoid Malicious Messages
WhatsApp is rolling out enhanced security measures to combat the surge in scam messages targeting users worldwide, as criminal organizations increasingly exploit messaging platforms to defraud unsuspecting victims. The new features come as federal authorities report a dramatic spike in…
Pandora Jewellery Hit by Cyberattack, Customer Data Compromised
Pandora, the world-renowned Danish jewelry retailer, recently suffered a major cybersecurity incident involving unauthorized access to customer information through a third-party vendor platform. The company confirmed the cyberattack was promptly identified and contained, with immediate security reinforcements implemented. Official communications…
Rockwell Arena Simulation Flaws Allow Remote Execution of Malicious Code
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena Simulation software that could allow attackers to execute malicious code remotely. The vulnerabilities, discovered during routine internal testing, affect all versions of Arena Simulation 16.20.09 and earlier, potentially…
Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks
Security researchers have identified a sophisticated new tactic employed by Akira ransomware operators, who are exploiting legitimate Windows drivers to evade antivirus and endpoint detection systems while targeting SonicWall VPN infrastructure. This development represents a significant escalation in the group’s…
Threat Actors Poison Bing Search Results to Distribute Bumblebee Malware via ‘ManageEngine OpManager’ Queries
Threat actors leveraged SEO poisoning techniques to manipulate Bing search results, directing users querying for “ManageEngine OpManager” to a malicious domain, opmanager[.]pro. This site distributed a trojanized MSI installer named ManageEngine-OpManager.msi, which covertly deployed the Bumblebee malware loader while installing…
Chinese Hackers Exploit SharePoint Flaws to Deploy Backdoors, Ransomware, and Loaders
Unit 42 researchers have identified significant overlaps between Microsoft’s reported ToolShell exploit chain targeting SharePoint vulnerabilities and a tracked activity cluster dubbed CL-CRI-1040. This cluster, active since at least March 2025, deploys a custom malware suite named Project AK47, comprising…
Chinese Hackers Breach Exposes 115 Million U.S. Payment Cards
Security researchers have uncovered a highly advanced network of Chinese-speaking cybercriminal syndicates orchestrating smishing attacks that exploit digital wallet tokenization, potentially compromising up to 115 million payment cards in the United States alone. These operations, which evolved dramatically since August…
Trend Micro Apex One Hit by Actively Exploited RCE Vulnerability
Trend Micro has issued an urgent security bulletin warning customers of critical remote code execution vulnerabilities in its Apex One on-premise management console that are being actively exploited by attackers in the wild. The cybersecurity company disclosed two command injection…
Adobe AEM Forms 0-Day Vulnerability Allows Attackers to Run Arbitrary Code
Adobe has released critical security updates for Adobe Experience Manager (AEM) Forms on Java Enterprise Edition following the discovery of two severe vulnerabilities that could enable attackers to execute arbitrary code and read sensitive files from affected systems. Critical Security…
10 Best IT Asset Management Tools in 2025
In today’s fast-paced digital landscape, effective IT Asset Management (ITAM) is crucial for organizations to maintain control over their hardware, software, and cloud assets. Modern ITAM tools in 2025 are evolving beyond simple inventory management, incorporating AI and machine learning…
Threat Actors Weaponizing RMM Tools to Gain System Control and Exfiltrate Data
Adversaries are using Remote Monitoring and Management (RMM) tools more frequently as dual-purpose weapons for initial access and persistence in the constantly changing world of cyber threats. These legitimate software solutions, typically employed by IT professionals for system administration, are…
Millions of Dell PCs at Risk from Broadcom Vulnerability Enabling Remote Hijack
Cybersecurity researchers at Cisco Talos have discovered five critical vulnerabilities in Dell’s ControlVault3 security hardware that could affect millions of business laptops worldwide. The flaws, collectively dubbed “ReVault,” enable attackers to remotely hijack systems and maintain persistent access even after…
CISA Alerts on Ongoing Exploits Targeting D-Link Device Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its campaign to protect U.S. networks by adding three newly exploited D-Link device vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. The alert, issued on August 5, 2025, emphasizes a rising…
MCPoison Attack Abuses Cursor IDE to Run Arbitrary System Commands
Cybersecurity researchers have uncovered a critical vulnerability in Cursor IDE that allows attackers to execute arbitrary system commands through a sophisticated trust bypass mechanism, potentially compromising developer workstations across collaborative coding environments. Check Point Research disclosed the vulnerability, designated CVE-2025-54136…
Security Risk Advisors Launches SCALR AI for Fast-Track Agentive AI Enablement
Security Risk Advisors (SRA), a leading cybersecurity consulting firm, today announced the launch of SCALR AI, a customizable platform designed to enable non-technical people to build and integrate agentive AI capabilities directly into their operations. SCALR AI is being showcased…
Comp AI Raises $2.6M to Streamline and Disrupt the SOC 2 Market
San Francisco, California, August 1st, 2025, CyberNewsWire. Comp AI Raises $2.6M in Pre-Seed Funding to Revolutionize Enterprise Compliance with AI-Powered Automation. Comp AI, an emerging player in the compliance automation space, today announced it has secured $2.6 million in pre-seed funding…
U.S. Treasury Warns Crypto ATMs Are Aiding Criminal Activity
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued Notice FIN-2025-NTC1, dated August 4, 2025, warning financial institutions about the growing risks associated with convertible virtual currency (CVC) kiosks, also known as cryptocurrency automated teller machines…