South Korean internet users are being targeted by a sophisticated phishing campaign attributed to the North Korean threat actor known as Kimsuky. The malicious emails, masquerading as official notices from the National Tax Service (NTS), inform recipients of a “September…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud…
SessionReaper Vulnerability Puts Magento & Adobe Commerce Sites in Hacker Crosshairs
Adobe has broken its regular patch schedule to address CVE-2025-54236, a critical vulnerability in Magento Commerce and open-source Magento installations. Dubbed “SessionReaper,” this vulnerability allows attackers to bypass input validation in the Magento Web API, enabling automated account takeover, data…
How a Single Faulty Windows Driver Can Crash Your System and Cause Blue Screen of Death
Windows devices rely on a complex ecosystem of drivers to manage hardware and software interactions. When one driver fails to complete a critical task, the entire operating system can halt in a fatal error known as the Blue Screen of…
U.S. Cracks Down on Scam Networks in Southeast Asia Draining Billions
In a sweeping effort to curb transnational cybercrime and human rights abuses, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) today imposed sanctions on a sprawling network of scam centers operating in Southeast Asia. These centers,…
SAP Security Patch Day Addresses 21 Vulnerabilities, 4 Classified as Critical
SAP’s Security Patch Day on September 9, 2025, introduced fixes for 21 newly discovered vulnerabilities across its product portfolio and provided updates to four previously released security notes. With four issues rated as Critical, organizations running SAP environments are urged to…
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit named SpamGPT has surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers…
New Cyber Attack Exploits DeskSoft to Spread Malware via RDP Command Execution
An emerging threat campaign has been identified that weaponizes a trojanized version of DeskSoft’s EarthTime application to deploy sophisticated malware, leveraging Remote Desktop Protocol (RDP) access for command execution and network reconnaissance. Security analysts attribute the intrusion to an affiliate…
New Malware Exploits Exposed Docker APIs to Gain Persistent Root SSH Access
The Akamai Hunt Team has uncovered a new strain of malware that targets exposed Docker APIs with expanded infection capabilities. First observed in August 2025 within Akamai’s honeypot infrastructure, this variant diverges from the June 2025 Trend Micro report by…
Jaguar Land Rover Halts Operations Longer Due to Cyberattack Impact
Jaguar Land Rover’s UK factories will remain closed until at least Wednesday as the company continues to recover from a cyberattack that struck its systems on 31 August. The carmaker shut down its IT networks in response to the breach,…
MostereRAT Exploits AnyDesk and TightVNC for Remote Access on Windows Systems
Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated phishing campaign that deploys the MostereRAT remote access trojan to compromise Windows systems. The malware leverages advanced evasion techniques and installs legitimate remote access tools like AnyDesk and TightVNC to maintain…
Dynatrace Data Breach Exposes Customer Information Stored in Salesforce
Dynatrace has confirmed that customer data stored in Salesforce was exposed following a third-party breach involving Salesloft’s Drift application. The incident, which occurred in August 2025, allowed unauthorized access to Salesforce CRM data across multiple companies. Both Salesloft and Salesforce…
New Exploitation Method Discovered for Linux Kernel Use-After-Free Vulnerability
A new exploitation method has been discovered for the Linux kernel use-after-free (UAF) vulnerability tracked as CVE-2024-50264. The vulnerability was awarded the Pwnie Award 2025 for Best Privilege Escalation due to its complexity and impact on major Linux distributions. Researchers developed innovative techniques…
Windows Defender Vulnerability Lets Hackers Hijack and Disable Services Using Symbolic Links
A newly demonstrated attack technique has revealed a flaw in how Windows Defender manages its update and execution mechanism. By exploiting symbolic links, attackers can hijack Defender’s service folders, gain full control over its executables, and even disable the antivirus…
APT37 Deploys New Rust and Python Malware Targeting Windows Systems
The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Active since 2012, this advanced persistent…
Hackers Hijack 18 Popular npm Packages Downloaded Over 2 Billion Times Weekly
Hackers have hijacked 18 extremely popular npm packages, downloaded more than 2 billion times every week, injecting them with sophisticated malware that targets cryptocurrency users and developers. Early on September 8th, a security feed flagged the sudden update of 18…
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Cybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of…
Maduro Hails Huawei Mate X6 Gift From China as ‘Unhackable’ by U.S.
Venezuelan President Nicolás Maduro made bold claims about cybersecurity during a press conference on September 1, 2025, as he showcased a Huawei smartphone gifted to him by Chinese President Xi Jinping. Holding up the device before international media in Caracas,…
Qualys Confirms Cyberattack Campaign Targeting Salesforce via Salesloft and Drift
Qualys has confirmed that it was recently impacted by a cybersecurity campaign targeting Salesloft and Drift, two third-party SaaS platforms that integrate with Salesforce. The company emphasized that customer data and its own production environments on the Qualys Cloud Platform…
LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
LunaLock, a newly surfaced ransomware strain, has launched a targeted campaign against independent artists and their clients, demanding a hefty ransom in exchange for stolen creative works and leaked personal data. Emerging in early September 2025, the LunaLock group claims…