Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by an unprecedented level of sophistication and scale. These fraudulent operations, involving over 200 meticulously crafted websites, are designed to deceive users into divulging sensitive credit card…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules-github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy-to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where…
RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish…
Hundreds of Fortune 500 Companies Have Unknowingly Employed North Korean IT Operatives
North Korean nationals have successfully infiltrated the employee ranks of major global corporations at a scale previously underestimated, creating a pervasive threat to IT infrastructure and sensitive data worldwide. Security experts revealed at the RSAC 2025 Conference that the infiltration…
State-Sponsored Hacktivism on the Rise, Transforming the Cyber Threat Landscape
Global cybersecurity landscape is undergoing a significant transformation, as state-sponsored hacktivism gains traction amid ongoing conflicts. In 2024, Forescout Technologies Inc. documented 780 hacktivist attacks, predominantly conducted by four groups operating on opposite sides of the Russia-Ukraine and Israel-Palestine conflicts:…
Stealthy New NodeJS Backdoor Infects Users Through CAPTCHA Verifications
Security researchers have uncovered a sophisticated malware campaign utilizing fake CAPTCHA verification screens to deploy a stealthy NodeJS backdoor. The attack, part of the broader KongTuke campaign, leverages compromised websites to distribute malicious JavaScript that ultimately deploys advanced remote access…
Tsunami Malware Surge: Blending Miners and Credential Stealers in Active Attacks
Security researchers have recently discovered a sophisticated malware operation called the “Tsunami-Framework” that combines credential theft, cryptocurrency mining, and potential botnet capabilities. The framework employs advanced evasion techniques to bypass security measures and maintain persistent access to infected systems. Analysis…
NVIDIA Riva AI Speech Flaw Let Hackers Gain Unauthorized Access to Abuse GPU Resources & API keys
Researchers have uncovered significant security vulnerabilities in NVIDIA Riva, a breakthrough AI speech technology platform used for transcription, voice assistants, and conversational AI. The flaws, now formally recognized as CVE-2025-23242 and CVE-2025-23243, expose enterprise users to potential unauthorized access and…
The Double-Edged Sword of AI in Cybersecurity: Threats, Defenses & the Dark Web Insights Report 2025
Check Point Research’s latest AI Security Report 2025 reveals a rapidly evolving cybersecurity landscape where artificial intelligence simultaneously presents unprecedented threats and defensive capabilities. The comprehensive investigation, which included dark web surveillance and insights from Check Point’s GenAI Protect platform,…
Hackers Exploit Critical NodeJS Vulnerabilities to Hijack Jenkins Agents for RCE
Security researchers have identified critical vulnerabilities in the Node.js CI/CD infrastructure, exposing internal Jenkins agents to remote code execution and raising the risk of supply chain attacks. These flaws stemmed from the integration and communication gaps between multiple DevOps platforms-specifically…
Hackers Exploit New Eye Pyramid Offensive Tool With Python to Launch Cyber Attacks
Security researchers from Intrinsec have published a comprehensive analysis revealing significant overlaps in infrastructure between multiple ransomware operations and the open-source offensive tool, Eye Pyramid. Their investigation, which began by examining a Python backdoor used by the RansomHub ransomware group,…
New MCP-Based Attack Techniques and Their Application in Building Advanced Security Tools
MCP, developed by Anthropic, allows Large Language Models (LLMs) to interface seamlessly with external tools, enabling the creation of agentic AI systems that can autonomously perform complex tasks. As organizations increasingly integrate MCP, new attack techniques have emerged, highlighting the…
Why CISOs Are Adopting DevSecOps for Secure Software Development
CISOs adopting DevSecOps strategically enhance security measures while ensuring fast-paced software development, responding to the growing landscape of cyber threats. Integrating security practices throughout the entire development lifecycle is critical for organizations seeking to reduce vulnerabilities without sacrificing innovation speed.…
Nebulous Mantis hackers have Deployed the RomCom RAT globally, Targeting organizations.
Nebulous Mantis, also known as Cuba, STORM-0978, Tropical Scorpius, and UNC2596, is a Russian-speaking cyber espionage group that has been actively deploying the RomCom remote access trojan (RAT) in targeted campaigns since mid-2019. The group primarily focuses on critical infrastructure,…
Cyberattack Targets Iconic UK Retailer Harrods
Luxury department store Harrods has become the latest UK retailer to face a cyberattack, joining Marks & Spencer (M&S) and the Co-op in a wave of incidents exposing vulnerabilities across the retail sector. While Harrods’ flagship store and online platform…
Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists
Multiple Dutch organizations have experienced significant service disruptions this week due to a series of coordinated Distributed Denial-of-Service (DDoS) attacks. These attacks, which have also targeted other European organizations, are believed to be the work of a pro-Russian hacktivist group…
Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands
A major supply chain security incident has rocked the Python open-source community as researchers at Socket’s Threat Research Team uncovered seven interconnected malicious packages published on the Python Package Index (PyPI). These packages Coffin-Codes-Pro, Coffin-Codes-NET2, Coffin-Codes-NET, Coffin-Codes-2022, Coffin2022, Coffin-Grave, and cfc-bsb-were ingeniously…
CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical vulnerabilities found in widely used Industrial Control Systems (ICS). Released on May 1, 2025, the advisories spotlight severe security risks affecting KUNBUS GmbH’s Revolution Pi devices…
NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code
NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its popular TensorRT-LLM framework, urging all users to update to the latest version (0.18.2) to safeguard their systems against potential attacks. Overview of the Vulnerability The…
CISA Issues Alert on Actively Exploited Apache HTTP Server Escape Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered and actively exploited vulnerability in the widely used Apache HTTP Server. The flaw, catalogued as CVE-2024-38475, affects the server’s mod_rewrite module and poses significant…