The North Korean state-sponsored group Kimsuky, also known as APT43, Thallium, and Velvet Chollima, has been accused of launching a recent cyber-espionage campaign in which the attackers used malicious Windows shortcut (LNK) files as the first point of entry to…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Over 10,000 Malicious TikTok Shop Domains Target Users with Malware and Credential Theft
Cybersecurity firm CTM360 has uncovered an ongoing malicious operation dubbed “ClickTok,” specifically targeting TikTok Shop users worldwide through a dual-pronged strategy of phishing and malware deployment. This campaign leverages deceptive replicas of TikTok’s official in-app e-commerce platform, impersonating affiliates and…
Microsoft Launches Zero-Day Quest Hacking Contest with Rewards Up to $5 Million
Microsoft has unveiled the return of its groundbreaking Zero Day Quest initiative, escalating the stakes in cybersecurity research with a staggering total bounty pool of up to $5 million. Building on the success of last year’s inaugural event, which offered…
Surge in Cyber Attacks Targeting AI Infrastructure as Critical Vulnerabilities Emerge
Security researchers discovered 28 distinct zero-day vulnerabilities, seven of which were expressly directed at artificial intelligence infrastructure, in a startling discovery made during the 2025 Pwn2Own Berlin event, which was organized by Trend Micro’s Zero Day Initiative. This inaugural AI…
Cisco Discloses Data Breach Exposed User Profiles from Cisco.com
Cisco Systems has disclosed a data breach that compromised basic profile information of users registered on Cisco.com following a successful voice phishing attack targeting one of the company’s representatives. The incident resulted in unauthorized access to a third-party cloud-based Customer…
APT36 Targets Indian Government: Credential Theft Campaign Uncovered
A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian…
SonicWall Alerts on Surge of Attacks Against Gen 7 Firewalls Over Past 72 Hours
SonicWall has issued an urgent security advisory following a significant escalation in cyberattacks targeting Generation 7 firewalls with enabled SSLVPN functionality over the past three days. The cybersecurity company is actively investigating whether these incidents stem from a previously disclosed…
Hackers Target SharePoint Flaw to Access IIS Machine Keys
Zero-day exploits against Microsoft SharePoint are enabling attackers to extract IIS machine keys, establishing persistent backdoors that survive patches and reboots. In mid-July 2025, threat actors began abusing two critical SharePoint vulnerabilities—CVE-2025-53770 (deserialization, CVSS 9.8) and CVE-2025-53771 (authentication bypass, CVSS 6.3)—in an attack…
Cloudflare Accuses Perplexity AI of Bypassing Firewalls with User-Agent Spoofing
Cloudflare has publicly accused Perplexity AI of employing deceptive crawling practices that violate established web crawling protocols and deliberately circumvent website protection mechanisms. The cybersecurity company has documented evidence of Perplexity using undisclosed user agents and rotating IP addresses to…
North Korean Hackers Exploit NPM Packages to Steal Cryptocurrency and Sensitive Data
Veracode Threat Research has uncovered a sophisticated North Korean cryptocurrency theft operation that continues to evolve, building on campaigns previously reported in February and June 2024. This latest iteration involves twelve malicious NPM packages, including cloud-binary, json-cookie-csv, cloudmedia, and nodemailer-enhancer,…
Threat Actors Exploit Open-Source Vulnerabilities to Spread Malicious Code
FortiGuard Labs has reported a sustained trend in the exploitation of open-source software (OSS) repositories for malware dissemination within supply chain ecosystems. As development workflows increasingly depend on third-party packages, adversaries are capitalizing on vulnerabilities in platforms like NPM and…
MediaTek Chip Vulnerabilities Allow Attackers to Gain Elevated Access
MediaTek has disclosed three critical security vulnerabilities affecting dozens of its chipsets, potentially allowing attackers to gain elevated system privileges on affected devices. The vulnerabilities, detailed in the company’s August 2025 Product Security Bulletin, impact a wide range of MediaTek…
Critical Flaw in ADOdb SQLite3 Driver Allows Arbitrary SQL Execution
A critical security vulnerability has been discovered in the popular ADOdb PHP database abstraction library that could allow attackers to execute arbitrary SQL statements, posing significant risks to applications using SQLite3 databases. The flaw, designated as CVE-2025-54119, affects all versions…
Raspberry Robin Malware Targets Windows Systems via New CLFS Driver Exploit
The Raspberry Robin malware, also known as Roshtyak, has undergone substantial updates that enhance its evasion and persistence on Windows systems. Active since 2021 and primarily disseminated through infected USB devices, this sophisticated downloader has integrated advanced obfuscation techniques to…
New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data
McAfee’s Mobile Research Team has identified a sophisticated Android malware campaign primarily aimed at Hindi-speaking users in India, masquerading as legitimate financial applications from institutions like SBI Card, Axis Bank, and IndusInd Bank. This operation distributes malicious APKs through dynamically…
Chollima APT Group Targets Job Seekers and Organizations with JavaScript-Based Malware
The North Korean-linked Chollima advanced persistent threat (APT) group, also known as Famous Chollima, has been orchestrating a persistent cyber espionage campaign since at least December 2022, primarily targeting job seekers in the software development and IT sectors to infiltrate…
Streamlit Vulnerability Exposes Users to Cloud Account Takeover Attacks
A critical security flaw in Streamlit, the popular open-source framework for building data applications, has been discovered that could allow cybercriminals to execute cloud account takeover attacks and manipulate financial data systems. The vulnerability, found in Streamlit’s file upload feature,…
WAF Protections Bypassed via JS Injection and Parameter Pollution for XSS Attacks
A groundbreaking security research has revealed that parameter pollution techniques combined with JavaScript injection can bypass 70% of modern Web Application Firewalls (WAFs), raising serious concerns about the effectiveness of current web security defenses. Security researchers conducting autonomous penetration testing discovered…
LegalPwn Attack Tricks AI Tools Like ChatGPT and Gemini into Running Malicious Code
Security researchers have discovered a new type of cyberattack that exploits how AI tools process legal text, successfully tricking popular language models into executing dangerous code. Cybersecurity firm Pangea has unveiled a sophisticated attack method called “LegalPwn” that embeds malicious…
Claude AI Flaws Let Attackers Execute Unauthorized Commands Using the Model Itself
Security researchers have discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to bypass security restrictions and execute unauthorized commands, with the AI assistant itself helping to facilitate these attacks. The vulnerabilities, designated CVE-2025-54794 and CVE-2025-54795, demonstrate how sophisticated…