Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The once-shadowy realm of Pegasus spyware has breached new frontiers, with forensic analyses revealing a stark pivot from targeting journalists and activists to infiltrating the private sector. In December 2024, mobile security firm iVerify detected 11 new Pegasus infections among…

Read more →

Cybersecurity researchers from Palo Alto Networks’ Unit 42 disclosed the resurgence of the Bookworm malware, which has been linked to the Stately Taurus threat actor group. This malware employs a sophisticated DLL sideloading technique that enables it to infiltrate Windows…

Read more →

ESET researchers have uncovered a series of malicious activities orchestrated by a North Korea-aligned group known as DeceptiveDevelopment, active since early 20241. The cybercriminals pose as company recruiters, enticing freelance software developers with fake employment offers. As part of the…

Read more →

As of February 2025, ransomware remains a formidable cyber threat, evolving in complexity and scale. The ransomware ecosystem has adapted to previous law enforcement disruptions, showcasing a resilient business model that continues to attract financially motivated cybercriminals. The proliferation of…

Read more →

A recent investigation into Ivanti Endpoint Manager (EPM) has uncovered four critical vulnerabilities that could allow unauthenticated attackers to exploit machine account credentials for relay attacks, potentially leading to server compromise. These vulnerabilities, identified in the C:\Program Files\LANDesk\ManagementSuite\WSVulnerabilityCore.dll, were patched…

Read more →

Check Point Software Technologies Ltd. has announced plans to establish its inaugural Asia-Pacific Research and Development (R&D) Centre in Bengaluru, India. This initiative, unveiled during the CPX Bangkok 2025 conference, aims to drive innovation in cybersecurity solutions while strengthening global…

Read more →

Cybersecurity experts have raised alarms about the Rhadamanthys Infostealer, a sophisticated malware now being distributed through Microsoft Management Console (MMC) files with the MSC extension. This new tactic, confirmed by the AhnLab Security Intelligence Center (ASEC), exploits the flexibility of…

Read more →

Cybersecurity researchers at Palo Alto Networks’ Unit 42 disclosed nine vulnerabilities in NVIDIA’s Compute Unified Device Architecture (CUDA) Toolkit, specifically in the cuobjdump and nvdisasm utilities. These tools, integral to analyzing CUDA binary files for GPU programming, were found to…

Read more →

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the threat actor group SmartApeSG, also known as ZPHP or HANEYMANEY. This campaign exploits fake browser update notifications to deliver two potent malware strains: NetSupport RAT and StealC. The operation…

Read more →

A recent phishing campaign conducted by cybersecurity firm Hackmosphere has revealed alarming vulnerabilities among top decision-makers, including CEOs and CTOs. The study underscores how cybercriminals exploit social engineering tactics to target high-ranking executives, emphasizing the need for heightened vigilance and…

Read more →

Security researchers have uncovered a significant evolution in the ShadowPad malware family, which is now being used to deploy ransomware in highly targeted attacks. ShadowPad, modular malware linked to Chinese threat actors, has historically been associated with cyber espionage. However,…

Read more →

A newly discovered vulnerability in the Fedora Linux kernel, identified as CVE-2025-1272, has raised alarm bells in the open-source community. The flaw, stemming from Secure Boot’s failure to automatically enable kernel lockdown mode, could expose sensitive system data to potential…

Read more →

IBM recently disclosed multiple vulnerabilities in its OpenPages platform, a tool widely used for governance, risk, and compliance management. These vulnerabilities, if exploited, could allow attackers to access sensitive information, disrupt critical processes, or compromise authentication credentials. Below are the…

Read more →

AWS Key Hunter, a cutting-edge automated solution designed to identify exposed AWS keys in GitHub repositories. This powerful tool combines real-time monitoring, advanced scanning capabilities, and a seamless notification system to help developers and organizations protect sensitive cloud credentials from…

Read more →

The National Security Agency (NSA) has unveiled Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework, introducing transformative features that streamline vulnerability analysis and collaborative research. This release—coded internally as “NSA Adds Innovative Features to Ghidra 11.3…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the widespread impact of the Ghost ransomware, also known as Cring. Since its emergence in early 2021, this ransomware…

Read more →

Symantec, a division of Broadcom, has released a critical security update to address a high-severity vulnerability identified in its Symantec Diagnostic Tool (SymDiag). This vulnerability tracked as CVE-2025-0893, could enable unauthorized privilege escalation, posing significant security risks. The issue specifically…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the increasing threat posed by Ghost ransomware. This malicious campaign has already impacted more than 70 organizations across various…

Read more →

Microsoft has urgently addressed a high-severity privilege escalation vulnerability (CVE-2025-21420) in the Windows Disk Cleanup Utility (cleanmgr.exe) during its February 2025 Patch Tuesday updates. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM…

Read more →

Cloud Software Group has raced to address a severe security flaw in its widely used NetScaler management infrastructure that could enable authenticated attackers to execute malicious commands across enterprise networks. The vulnerability tracked as CVE-2024-12284 and scoring 8.8 on the…

Read more →