Cybersecurity researchers uncovered a sophisticated malware campaign targeting macOS users through a fraudulent DeepSeek.ai interface. Dubbed “Poseidon Stealer,” this information-stealing malware employs advanced anti-analysis techniques and novel infection vectors to bypass Apple’s latest security protocols, marking a significant escalation in…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Beware of Fake Job Interview Challenges Targeting Developers to Deliver Malware
A new wave of cyberattacks, dubbed “DeceptiveDevelopment,” has been targeting freelance developers through fake job interview challenges, according to ESET researchers. These attacks, linked to North Korea-aligned threat actors, involve malicious software disguised as coding tasks or projects. The primary…
New Phishing Attack Targets Amazon Prime Users to Steal Login Credentials
A new phishing campaign targeting Amazon Prime users has been identified, aiming to steal login credentials and other sensitive information, including payment details and personal verification data. The attack, analyzed by the Cofense Phishing Defense Center (PDC), uses a carefully…
LightSpy Malware Expands With 100+ Commands to Target Users Across All Major OS Platforms
The LightSpy surveillance framework has significantly evolved its operational capabilities, now supporting over 100 commands to infiltrate Android, iOS, Windows, macOS, and Linux systems, and routers, according to new infrastructure analysis. First documented in 2020, this modular malware has shifted…
Critical RCE Vulnerability in MITRE Caldera – Proof of Concept Released
A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework. The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks. Attackers can exploit…
CISA Alerts: Oracle Agile Vulnerability Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of a severe deserialization vulnerability (CVE-2024-20953) in Oracle Agile Product Lifecycle Management (PLM) software. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February…
KernelSnitch: Uncovering a New Side-Channel Attack on Data Structures
Researchers at Graz University of Technology have uncovered a groundbreaking software-based side-channel attack, KernelSnitch, which exploits timing variances in Linux kernel data structures. Unlike hardware-dependent attacks, KernelSnitch targets hash tables, radix trees, and red-black trees, enabling unprivileged attackers to leak sensitive…
Hackers Evade Outlook Spam Filters to Deliver Malicious ISO Files
A newly discovered technique allows threat actors to circumvent Microsoft Outlook’s spam filters to deliver malicious ISO files, exposing organizations to sophisticated phishing campaigns. The bypass leverages hyperlink obfuscation to disguise malicious links as benign URLs, enabling attackers to distribute…
TSforge New Tool Bypasses Windows Activation on All Versions
A significant breakthrough in bypassing Windows activation has been achieved with the introduction of TSforge, a powerful exploit developed by researchers. This tool is capable of activating every edition of Windows since Windows 7, as well as all Windows add-ons…
Sliver C2 Server Vulnerability Enables TCP Hijacking for Traffic Interception
A significant vulnerability has been discovered in the Sliver C2 server, a popular open-source cross-platform adversary emulation and red team framework. This vulnerability, identified as CVE-2025-27090, allows attackers to hijack TCP connections, enabling them to intercept and manipulate traffic. The…
Widespread Chrome Malware: 16 Extensions Infect Over 3.2 Million Users
A recent cybersecurity investigation has uncovered a cluster of 16 malicious Chrome extensions that have compromised at least 3.2 million users. These extensions, which include functionalities like screen capture, ad blocking, and emoji keyboards, were found to inject code into…
UAC-0212: Hackers Unleash Devastating Cyber Assault on Critical Infrastructure
In a recent escalation of cyber threats, hackers have launched a targeted campaign, identified as UAC-0212, aimed at compromising critical infrastructure facilities in Ukraine. This campaign, which began in the second half of 2024, involves sophisticated tactics to infiltrate the…
GitVenom Campaign Abuses Thousands of GitHub Repositories to Infect Users
The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread malware and steal cryptocurrency. This campaign involves creating hundreds of fake GitHub repositories that appear legitimate but contain malicious code. These repositories are designed to lure…
Industrial Organizations Under Siege: Chinese Hackers Wield Advanced FatalRAT Malware
A recent investigation by Kaspersky ICS CERT has uncovered a sophisticated cyberattack targeting industrial organizations across the Asia-Pacific region, particularly those in Taiwan, Malaysia, China, Japan, Thailand, South Korea, Singapore, the Philippines, Vietnam, and Hong Kong. The attackers are using…
Android App on Google Play Targets Indian Users to Steal Login Credentials
A malicious Android application, Finance Simplified (package: com.someca.count), has been identified on the Google Play Store, targeting Indian users under the guise of a financial management tool. The app, which claims to offer an EMI calculator, is instead a sophisticated…
Smart Bed Security Flaw Lets Hackers Access Other Network Devices
A security researcher has uncovered critical vulnerabilities in Eight Sleep’s internet-connected smart beds, revealing exposed Amazon Web Services (AWS) credentials, remote SSH backdoors, and potential access to users’ entire home networks. The findings underscore growing concerns about IoT device security…
Apple Removes Advanced Data Protection (ADP) for UK Users
Apple has discontinued its Advanced Data Protection (ADP) feature for UK users following a legal demand from the British government to access encrypted user data. The move marks a pivotal moment in the ongoing global debate over privacy rights and…
Wireshark 4.4.4 Released – Explore the Latest Features!
The Wireshark Foundation has announced the release of Wireshark 4.4.4, the latest iteration of the world’s most widely used network protocol analyzer. This update focuses on enhancing stability, refining protocol dissectors, and addressing critical security vulnerabilities, cementing Wireshark’s position as…
Stablecoin Bank Hit by Cyberattack, Loses $49.5M to Hackers
The cryptocurrency sector faced one of its most significant security breaches this year as stablecoin banking platform @0xinfini fell victim to a sophisticated cyberattack. Hackers drained 49.5 million USD Coin ($USDC) from the platform’s reserves, triggering immediate market turbulence and…
LockBit Ransomware Strikes: Exploiting a Confluence Vulnerability
In a swift and highly coordinated attack, LockBit ransomware operators exploited a critical remote code execution vulnerability (CVE-2023-22527) in Atlassian Confluence servers, targeting an exposed Windows server. This vulnerability, rated CVSS 10.0, enabled unauthenticated attackers to execute arbitrary commands by…