Cybersecurity researchers at CrowdStrike identified and thwarted a sophisticated malware campaign deploying SHAMOS, an advanced variant of the Atomic macOS Stealer (AMOS) malware, orchestrated by the cybercriminal group COOKIE SPIDER. Operating under a malware-as-a-service model, COOKIE SPIDER rents out this…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Commvault Backup Suite Flaws Allow Attackers to Breach On-Premises Systems
Security researchers have uncovered a critical series of vulnerabilities in Commvault’s backup and data management software that could enable attackers to achieve remote code execution and compromise on-premises infrastructure. The flaws, discovered by Watchtowr Labs, represent a significant threat to…
UNC5518 Group Hacks Legitimate Sites with Fake Captcha to Deliver Malware
The financially motivated threat group UNC5518 has been infiltrating trustworthy websites to install ClickFix lures, which are misleading phony CAPTCHA pages, as part of a complex cyber campaign that has been monitored since June 2024. These malicious pages trick users…
QUIC-LEAK Vulnerability Allows Attackers to Drain Server Memory and Cause DoS
Security researchers at Imperva have disclosed a critical pre-handshake memory exhaustion vulnerability in the widely-used LSQUIC QUIC implementation that enables remote attackers to crash servers through denial-of-service attacks. The flaw, designated CVE-2025-54939 and dubbed “QUIC-LEAK,” bypasses standard QUIC connection-level protections…
New Campaign Uses Active Directory Federation Services to Steal M365 Credentials
Researchers at Push Security have discovered a new phishing campaign that targets Microsoft 365 (M365) systems and uses Active Directory Federation Services (ADFS) to enable credential theft. This attack vector exploits Microsoft’s authentication redirect mechanisms, effectively turning a legitimate service…
MITM6 + NTLM Relay Attack Enables Full Domain Compromise
Cybersecurity researchers are highlighting a dangerous attack technique that combines rogue IPv6 configuration with NTLM credential relay to achieve complete Active Directory domain compromise, exploiting default Windows configurations that most organizations leave unchanged. Attack Leverages Default Windows IPv6 Behavior The…
22-year-old Operator of ‘Rapper Bot’ Botnet Charged for Launching 3 Tbps DDoS Attack
Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant victory in the ongoing battle against cybercriminal infrastructure. Ethan Foltz of Eugene, Oregon, faces federal charges…
Operator of ‘Rapper Bot’ DDoS Botnet Faces Charges
Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant victory in the ongoing battle against cybercriminal infrastructure. Ethan Foltz of Eugene, Oregon, faces federal charges…
CISA Issues Four ICS Advisories on Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released four critical Industrial Control Systems (ICS) advisories on August 19, 2025, alerting organizations to current security vulnerabilities and potential exploits affecting critical infrastructure systems. These advisories provide essential information for administrators and…
Apple Confirms Critical 0-Day Under Active Attack – Immediate Update Urged
Apple has issued an emergency security update for iOS 18.6.2 and iPadOS 18.6.2 to address a critical zero-day vulnerability that the company confirms is being actively exploited in sophisticated attacks against targeted individuals. The update, released on August 20, 2025,…
Critical Flaw in Apache Tika PDF Parser Exposes Sensitive Data to Attackers
A critical XML External Entity (XXE) vulnerability has been discovered in Apache Tika’s PDF parser module, potentially allowing attackers to access sensitive data and compromise internal systems. The flaw, tracked as CVE-2025-54988, affects a wide range of Apache Tika deployments…
PromptFix Exploit Forces AI Browsers to Execute Hidden Malicious Commands
Cybersecurity researchers have uncovered critical vulnerabilities in AI-powered browsers that allow attackers to manipulate artificial intelligence agents into executing malicious commands without user knowledge, introducing what experts are calling a new era of “Scamlexity” in digital security threats. The research,…
RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions
A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous I/O interface to bypass Endpoint Detection and Response (EDR) systems. This sophisticated agent minimizes reliance on traditional system calls like…
Google Unveils Enhanced Features to Empower Defenders and Strengthen AI Security
Google Cloud has announced a suite of advanced security enhancements at the 2025 Security Summit, aimed at fortifying AI ecosystems and leveraging artificial intelligence to elevate organizational defenses. These updates focus on proactive vulnerability detection, automated threat intelligence processing, and…
Threat Actors Impersonate as Google Support to Sniff Out Your Login Credentials
Threat actors are posing as Google support agents in an increasing number of complex social engineering attacks in order to take advantage of account recovery tools and obtain user credentials without authorization. These campaigns leverage legitimate-looking communication channels, such as…
QuirkyLoader: A New Malware Loader Spreading Infostealers and Remote Access Trojans (RATs)
IBM X-Force has tracked QuirkyLoader, a sophisticated loader malware deployed by threat actors to distribute prominent families such as Agent Tesla, AsyncRAT, FormBook, MassLogger, Remcos, Rhadamanthys, and Snake Keylogger. This multi-stage threat initiates through spam emails from legitimate providers or…
Ransomware Attacks in Japan Surge by 1.4 Times, Signaling a Significant Increase in Cyber Threats
Japan saw a significant increase in ransomware attacks in the first half of 2025, with incidences increasing by about 1.4 times over the same period the year before. According to a detailed investigation by Cisco Talos, 68 ransomware cases targeted…
Threat Actors Exploit GenAI Platforms to Craft Sophisticated and Realistic Phishing Attacks
The proliferation of generative AI (GenAI) platforms has revolutionized web-based services, enabling rapid code assistance, natural language processing, chatbot deployment, and automated site construction. However, telemetry data reveals a concerning evolution in the GenAI ecosystem, where threat actors are increasingly…
Scaly Wolf Unleashing Attacks to Expose Organizations’ Hidden Secrets
The Scaly Wolf advanced persistent threat (APT) gang has once again targeted a Russian engineering company in a sophisticated targeted attack that was discovered by Doctor Web’s analysts. This shows that the group is determined to obtain corporate secrets. This…
Serial Hacker Sentenced for Defacing and Hacking Organizational Websites
Al-Tahery Al-Mashriky, 26, of Rotherham, South Yorkshire, was given a 20-month prison sentence for several charges of illegal computer access and data exfiltration, part of a major crackdown on ideologically driven cyberthreats. Al-Mashriky, affiliated with extremist hacking collectives such as…