Threat actors have orchestrated a multi-wave phishing campaign between April and May 2025, leveraging the legitimate infrastructure of Nifty[.]com, a prominent Japanese Internet Service Provider (ISP), to execute their attacks. Uncovered by Raven, a leading threat detection entity, this operation…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
PureHVNC RAT Uses Fake Job Offers and PowerShell to Evade Security Defenses
A new and highly evasive malware campaign delivering the PureHVNC Remote Access Trojan (RAT) has been identified by Netskope Threat Labs, showcasing a complex multi-layer infection chain designed to bypass modern security defenses. This campaign, active in 2024, leverages fake…
Interlock Ransomware Uses NodeSnake RAT for Persistent Access to Corporate Networks
In a two UK-based universities have fallen victim to a sophisticated Remote Access Trojan (RAT) dubbed NodeSnake within the past two months. According to analysis by Quorum Cyber’s Threat Intelligence (QCTI) team Report, this malware, likely deployed by the ransomware…
Criminal IP Set to Make Its Debut at Infosecurity Europe 2025
Criminal IP, the AI-powered threat intelligence platform developed by AI SPERA (led by CEO Byungtak Kang), has announced its first participation in Infosecurity Europe 2025, the largest cybersecurity conference in Europe. The event will take place from June 3 to…
Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data
A moderate-severity vulnerability, tracked as CVE-2025-27522, has been disclosed in Apache InLong, a popular data integration platform. The flaw, affecting versions 1.13.0 through 2.1.0, centers on the deserialization of untrusted data during JDBC (Java Database Connectivity) verification processing. This vulnerability…
Windows 11 File Explorer Vulnerability Enables NTLM Hash Theft
A newly disclosed vulnerability, CVE-2025-24071, has been identified in Windows File Explorer, specifically affecting Windows 11 (23H2) and earlier versions that support .library-ms files and the SMB protocol. This flaw enables attackers to capture NTLM (New Technology LAN Manager) authentication…
Dark Partner Hackers Leverage Fake AI, VPN, and Crypto Sites to Target macOS and Windows Users
A group dubbed “Dark Partners” by cybersecurity researchers has launched a sophisticated malware campaign targeting both macOS and Windows users through a network of deceptive websites impersonating well-known AI, VPN, and software brands. This operation, which has been active for…
New PumaBot Hijacks IoT Devices via SSH Brute-Force for Persistent Access
A sophisticated new malware, dubbed PumaBot, has emerged as a significant threat to Internet of Things (IoT) devices worldwide. Cybersecurity researchers have identified this malicious software as a highly advanced botnet that exploits weak security configurations in IoT ecosystems, particularly…
New Microsoft Entra Connect Update Replaces Legacy Login Methods
Quantum computing is rapidly emerging as one of the most transformative technology trends of 2025, promising to revolutionize industries by solving complex problems that are currently beyond the reach of classical computers. Unlike traditional computers that process information in binary…
Hackers Exploit Cloudflare Tunnels to Launch Stealthy Cyberattacks
The cybersecurity landscape, malicious actors, including notorious ransomware groups like BlackSuit, Royal, Akira, Scattered Spider, Medusa, and Hunters International, have been exploiting Cloudflared, a legitimate tunneling tool by Cloudflare, to orchestrate stealthy cyberattacks. Originally known as “Argo,” Cloudflared is designed…
Critical Argo CD Flaw Exposes Kubernetes Clusters to Full Resource Manipulation
A critical cross-site scripting (XSS) vulnerability, officially tracked as CVE-2025-47933 and GHSA-2hj5-g64g-fp6p, has been identified in Argo CD, a widely used open-source GitOps tool for Kubernetes. This flaw affects the repository URL handling mechanism in the Argo CD user interface,…
Critical Dell PowerStore T Vulnerability Allows Full System Compromise
As part of its ongoing commitment to product security, Dell Technologies has released a significant update for the PowerStore T family, remediating a series of vulnerabilities that could be exploited by malicious actors to compromise affected systems. The update, detailed…
CISA Releases Dedicated SIEM & SOAR Guide for Cybersecurity Professionals
Security Information and Event Management (SIEM) platforms are essential for detecting, analyzing, and responding to cybersecurity threats in real time. However, the effectiveness of a SIEM system depends heavily on the quality and prioritization of logs ingested. This article explores…
UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers
The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its malicious activities, targeting government and enterprise web servers with unprecedented aggression. Initially disclosed for their tactics of website manipulation, the…
Victoria’s Secret Website Taken Offline After Cybersecurity Breach
Victoria’s Secret, the iconic lingerie retailer, has taken its US website offline and suspended some in-store services following a major cybersecurity incident. Customers attempting to access the site since Monday have been greeted with a black screen and a terse…
New Research Reveals Key TCP SYN Patterns for Detecting Malicious Activity
A groundbreaking study by NETSCOUT, utilizing data from their honeypot systems designed to capture unsolicited internet traffic, has shed light on the intricate patterns within Transmission Control Protocol (TCP) SYN segments the initial step in the TCP three-way handshake. Published…
New Spear-Phishing Campaign Targets Financial Executives with NetBird Malware
Trellix’s email security systems detected a highly targeted spear-phishing campaign aimed at CFOs and finance executives across industries like banking, energy, insurance, and investment firms in regions spanning Europe, Africa, Canada, the Middle East, and South Asia. This meticulously crafted…
New ChoiceJacking Exploit Targets Android and iOS via Infected Charging Ports
A team of cybersecurity researchers from the Institute of Information Security and A-SIT Secure Information Technology Centre Austria has unveiled a new class of USB-based attacks on mobile devices, dubbed “ChoiceJacking.” This attack revives and surpasses the notorious “juice jacking”…
Woodpecker: Red Teaming Tool Targets AI, Kubernetes, and API Vulnerabilities
Operant AI has announced the release of Woodpecker, an open-source automated red teaming engine designed to make advanced security testing accessible to organizations of all sizes. Traditionally, red teaming—simulated cyberattacks conducted by ethical hackers to uncover vulnerabilities—has been a privilege…
Malicious WordPress Plugin Disguised as Java Update Infects Site Visitors
A troubling new cyber threat has emerged targeting WordPress websites, where a malicious plugin masquerading as a legitimate tool tricks visitors into downloading harmful software. Disguised as “Yoast SEO” with convincing metadata, this plugin was recently uncovered in the /wp-content/plugins/contact-form/…