Microsoft has disclosed a new security vulnerability in Windows operating systems, tracked as CVE-2025-29809. This flaw, classified with Important severity, impacts the Kerberos authentication protocol, potentially enabling attackers to bypass critical security features. The vulnerability stems from weaknesses described under CWE-922: Insecure Storage of…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Alerts on Active Exploitation of CentreStack Hard-Coded Key Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert highlighting a critical vulnerability in Gladinet CentreStack, a cloud-based enterprise file-sharing platform. The issue, tracked as CVE-2025-30406, involves the use of a hard-coded cryptographic key that could enable attackers to…
Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors
The cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors. Hellcat, which emerged in mid-2024, now employs a sophisticated blend of psychological manipulation, zero-day vulnerabilities, and…
Ransomware Groups Target Organizations to Exfiltrate Data and Blackmail via Leak Site Posts
Ransomware attacks have continued their relentless assault on organizations worldwide, with a focus on data exfiltration and subsequent blackmail through leak site posts. Rapid7 Labs’ analysis of internal and public data provides insights into the evolving landscape of ransomware threats.…
Ransomware Group Actively Exploits Windows CLFS Zero-Day Vulnerability
Microsoft has uncovered a sophisticated ransomware campaign exploiting a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The vulnerability allows attackers to escalate privileges from a standard user account to SYSTEM level, enabling widespread deployment…
CISA Issues Alert on Active Exploits of Windows CLFS Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of a critical vulnerability in the Microsoft Windows Common Log File System (CLFS) Driver. The vulnerability, tracked as CVE-2025-29824, poses a significant security risk by allowing…
NCSC Issues Alert on MOONSHINE and BADBAZAAR Mobile Malware
GCHQ’s National Cyber Security Centre (NCSC), in collaboration with international and industry partners, has issued a global alert regarding two dangerous spyware applications – MOONSHINE and BADBAZAAR – aiming to help vulnerable communities protect themselves from digital surveillance. The NCSC…
Apache mod_auth_openidc Flaw Lets Unauthenticated Users Access Protected Data
A critical flaw in Apache mod_auth_openidc (versions ≤2.4.16.10) allows unauthenticated attackers to bypass authentication and access protected resources. The bug, CVE-2025-31492, patched in version 2.4.16.11, affects systems using OIDCProviderAuthRequestMethod POST without an application-level gateway or load balancer. Technical Breakdown The vulnerability stems from improper…
Windows CLFS 0-Day Vulnerability Exploited in the Wild
Microsoft has disclosed an active exploitation of a zero-day vulnerability in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824. The flaw, classified as an Elevation of Privilege (EoP) vulnerability, has been assigned a CVSS score of 7.8, indicating its significant security…
Chrome Use-After-Free Vulnerability Enables Remote Code Attacks
Google has rolled out a critical update for its Chrome browser, addressing a high-severity vulnerability that could allow remote code execution. The flaw, identified as CVE-2025-3066, targets Chrome’s Site Isolation feature, underscoring the importance of regular browser updates in protecting…
20 Best Incident Response Tools in 2025
In today’s digital era, organizations face an ever-growing threat landscape, with cyberattacks, data breaches, and system failures becoming increasingly common. Incident response has emerged as a vital component of cybersecurity strategies, ensuring businesses can effectively detect, manage, and recover from…
Kibana Releases Security Patch to Fix Code Injection Vulnerability
Elastic, the company behind Kibana, has released critical security updates to address a high-severity vulnerability identified as CVE-2024-12556. The flaw, referred to as “Kibana Prototype Pollution,” could allow attackers to execute arbitrary code by exploiting a combination of unrestricted file…
AWS Systems Manager Plugin Flaw Allows Arbitrary Code Execution
A recently discovered vulnerability in the AWS Systems Manager (SSM) Agent, a cornerstone of Amazon Web Services (AWS) used for managing EC2 instances and on-premises servers, has raised critical security concerns. This security flaw, identified as a Path Traversal vulnerability,…
Microsoft April 2025 Patch Tuesday: Fixing 121 Vulnerabilities, Including a Critical Zero-Day
Microsoft has rolled out its April 2025 Patch Tuesday update, addressing 121 security vulnerabilities across its software ecosystem. This comprehensive update includes fixes for critical issues such as the elevation of privilege, remote code execution, and information disclosure vulnerabilities. Among…
New GIFTEDCROOK Stealer Targets Government Organizations to Exfiltrate Sensitive Data
Cybersecurity experts have uncovered an alarming escalation in cyber-espionage operations targeting Ukrainian critical sectors, as outlined in CERT-UA’s latest alert, CERT-UA#14303. The campaign, attributed to the UAC-0226 hacking group, leverages a sophisticated C/C++-based stealer called GIFTEDCROOK to infiltrate systems, steal…
Attackers Exploit SourceForge Platform to Distribute Malware
A recent malware distribution scheme has been uncovered on SourceForge, the popular software hosting and distribution platform. Cybercriminals have leveraged SourceForge’s subdomain feature to deceive users with fake downloads of software applications, embedding malicious files into the infection chain. This…
Shopware Security Plugin Vulnerability Enables SQL Injection Attacks
A recently disclosed SQL injection vulnerability in older versions of the Shopware platform has raised concerns among online shop operators. Although Shopware has addressed the issue in its latest release (version 6.5.8.13), it has been revealed that the fix provided…
Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
In a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet. Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology…
Vidar Stealer Uses New Deception Technique to Hijack Browser Cookies and Stored Credentials
Vidar Stealer a notorious information-stealing malware has adopted a deceptive method to disguise itself as Microsoft’s BGInfo application. By exploiting a legitimate tool widely used by IT professionals to display system details, attackers have demonstrated advanced techniques to evade detection…
Zoom Workplace Apps Vulnerability Enables Malicious Script Injection Through XSS Flaws
A newly disclosed vulnerability in Zoom Workplace Apps (tracked as CVE-2025-27441 and CVE-2025-27442) allows attackers to inject malicious scripts via cross-site scripting (XSS) flaws, posing risks to millions of users globally. The medium-severity vulnerability, with a CVSS score of 4.6,…