The Rhysida ransomware gang has been running a sophisticated malvertising campaign that delivers OysterLoader malware through deceptive search engine advertisements, giving attackers complete access to compromised devices and networks. The Rhysida gang, formerly known as Vice Society before rebranding in…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft’s WSUS Patch Causes Hotpatching Failures on Windows Server 2025
Microsoft has acknowledged a critical issue affecting Windows Server 2025 systems enrolled in the Hotpatch program. A recent Windows Server Update Services (WSUS) patch was inadvertently distributed to machines configured to receive Hotpatch updates, causing disruptions to the seamless patching…
SesameOp: Using the OpenAI Assistants API for Covert C2 Communication
Microsoft’s Detection and Response Team has exposed a sophisticated backdoor malware that exploits the OpenAI Assistants API as an unconventional command-and-control communication channel. Named SesameOp, this threat demonstrates how adversaries are rapidly adapting to leverage legitimate cloud services for malicious…
Apple Releases Security Update Addressing Critical Flaws in iOS 26.1 and iPadOS 26.1
Apple has rolled out new security updates for iOS 26.1 and iPadOS 26.1, released on November 3, 2025, introducing important fixes for a wide range of vulnerabilities. The update is available for iPhone 11 and later models, along with several…
Cybercriminals Exploit RMM Tools to Target Trucking Firms and Hijack Freight
Cybercriminals are orchestrating sophisticated attacks against trucking and freight companies in elaborate schemes designed to steal cargo shipments worth millions. These threat actors are exploiting the digital transformation of the logistics industry, compromising transportation companies to fraudulently bid on legitimate…
Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP ports 8530 and 8531, which correspond to unencrypted…
Critical UniFi OS Flaw Enables Remote Code Execution
Security researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devices without requiring…
Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions on their popular code marketplace. The organization has now contained the situation and outlined concrete steps to prevent future attacks.…
New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie encryption, enabling attackers to steal user chat messages and other sensitive communications. The vulnerability stems from…
Windows 11 24H2/25H2 Flaw Keeps Task Manager Running After You Close It
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumulate in the background,…
Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his…
EDR-Redir V2 Evades Detection on Windows 11 by Faking Program Files
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to redirecting security software by manipulating…
OpenAI Introduces Aardvark, an AI Security Agent Powered by GPT-5
OpenAI has announced the launch of Aardvark, an autonomous AI security agent powered by GPT-5 that aims to revolutionize how organizations discover and fix software vulnerabilities. The new tool, currently available in private beta, represents a significant advancement in automated…
Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web
Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web. Through its Data Breach Observatory initiative, Proton is directly monitoring…
What Rural Internet Providers Offer Remote Communities
Loss of internet access in rural areas is considerably more serious, as it disrupts education, work, and communication. Despite such hurdles, it is rural internet providers serving such remote communities and getting them connected. By understanding what these providers can…
New Email Security Technique Prevents Phishing Attacks Behind NPM Breach
The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical first line of defense against supply chain attacks. Threat actors successfully compromised multiple high-profile NPM developer accounts through a sophisticated…
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data. The group posted details on its dark web leak…
Hackers Hide SSH–Tor Backdoor Inside Weaponized Military Documents
In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP archives disguised as military documents. The attack specifically targeted Belarusian military personnel through a lure document titled “ТЛГ на убытие…
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively leveraging the security vulnerability in ransomware campaigns targeting organizations worldwide. The vulnerability, tracked as…
Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices, deploying a malicious implant known as BADCANDY across networks worldwide. The Australian Signals Directorate (ASD) has confirmed that over 150…