Researchers at Cato CTRL have demonstrated that the feature, designed to streamline AI workflows, can be easily weaponized to deploy MedusaLocker ransomware without the user’s knowledge. A new cybersecurity investigation has revealed a critical oversight in Anthropic’s rapidly growing “Claude…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild and prompting immediate action from organizations and device users worldwide. The vulnerabilities CVE-2025-48572…
Longwatch RCE Flaw Allows Attackers to Run Remote Code with Elevated Privileges
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical remote code execution vulnerability affecting Industrial Video & Control’s Longwatch video surveillance and monitoring system. The flaw enables unauthenticated attackers to execute arbitrary code with…
Malicious Rust “evm-units” Impersonator Deploys OS-Specific Payloads
A malicious Rust crate masquerading as an Ethereum Virtual Machine (EVM) utility has been caught delivering silent, OS-specific payloads to developers’ machines. The package, named evm-units and authored by “ablerust,” was hosted on Crates.io for roughly eight months and accumulated…
Shai-Hulud 2.0 Cyberattack Compromises 30,000 Repos and Exposes 500 GitHub Accounts
The Shai-Hulud 2.0 supply chain attack has proven to be one of the most persistent and destructive malware campaigns targeting the developer ecosystem. Since the incident first emerged on November 24, 2025, Wiz Research and Wiz CIRT have been tracking…
Let’s Encrypt Cutting Certificate Lifespan from 90 Days to 45 Days
Let’s Encrypt, the nonprofit certificate authority serving millions of websites, announced a significant shift in how it issues digital certificates. Starting in 2026, the organization will reduce the validity period of its SSL/TLS certificates from 90 days to 45 days,…
New Calendly-Inspired Phishing Attack Aims to Steal Google Workspace Credentials
A long-running phishing campaign is abusing Calendly-branded job invitations to compromise Google Workspace and Facebook Business accounts, with a particular focus on hijacking ad management platforms used by agencies and large brands. The operation, uncovered by Push Security, combines Attacker‑in‑the‑Middle…
New “Executive Award” Scam Exploits ClickFix to Deliver Stealerium Malware
A sophisticated new phishing campaign is targeting company executives with a double-pronged attack that steals credentials and deploys information-stealing malware in a single coordinated strike. The “Executive Award” scam, identified by cybersecurity researchers at Trustwave MailMarshal, represents an evolution in…
Critical Elementor Plugin Flaw Allows Attackers to Seize WordPress Admin Control
A severe privilege escalation vulnerability in the King Addons for Elementor WordPress plugin has exposed thousands of websites to complete administrative compromise. The flaw, tracked as CVE-2025-8489 with a critical CVSS score of 9.8, allows unauthenticated attackers to register with…
New Stealth K.G.B RAT Marketed by Threat Actors on Underground Forums
Threat actors on an underground cybercrime forum are allegedly promoting a new remote access Trojan (RAT) bundle dubbed “K.G.B RAT + Crypter + HVNC,” claiming it is “fully undetectable” by security solutions. The post, attributed to a member of a…
Authorities Seize Domains Linked to Tai Chang Cryptocurrency Investment Scam
The United States Justice Department has seized a website domain used to steal money from Americans through fake cryptocurrency investments. The domain, tickmilleas.com, was operated by the Tai Chang scam compound located in Kyaukhat, Burma. This action comes less than…
Threat Actors Using Matanbuchus Downloader to Deliver Ransomware and Maintain Persistence
Threat actors are increasingly abusing the Matanbuchus malicious downloader as a key enabler for hands-on-keyboard ransomware operations, using its backdoor-like capabilities to deliver secondary payloads, move laterally, and maintain long-term persistence on compromised systems. Initially observed in 2020 and offered…
Researchers Catch Lazarus Group’s Recruitment Workflow on Camera via Honeypot
A groundbreaking collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has lifted the curtain on North Korean threat actors from the Lazarus Group, revealing their recruitment tactics and operational methods in unprecedented detail. The research team documented…
Multiple Django Vulnerability Expose Applications to SQL Injection and DoS Attacks
The Django development team has released critical security patches for three major versions of the popular Python web framework, addressing two significant vulnerabilities that could expose applications to SQL injection attacks and denial-of-service conditions. The updates, issued on December 2,…
CISA Alerts on Iskra iHUB Authentication Flaw Allowing Remote Device Reconfiguration
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe authentication vulnerability affecting Iskra iHUB and iHUB Lite intelligent metering gateways worldwide. Assigned CVE-2025-13510 with a CVSS score of 9.3, this vulnerability represents a significant…
Water Saci Hackers Exploit AI Tools to Target WhatsApp Web Users
The Water Saci campaign targeting Brazilian users has escalated significantly, with threat actors demonstrating remarkable technical sophistication by employing artificial intelligence to enhance their malware propagation capabilities. Security researchers have identified a critical shift in the group’s attack methodology: the…
Chrome 143 Update Patches 13 Security Vulnerabilities Allowing Arbitrary Code Execution
Google has released Chrome 143 to the stable channel, addressing 13 security vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update is now rolling out to Windows, Mac, and Linux users worldwide. The latest version,…
BPFDoor and Symbiote: Advanced eBPF-Based Rootkits Target Linux Systems
Extended Berkeley Packet Filter (eBPF) represents one of Linux’s most powerful kernel technologies, enabling users to load sandboxed programs directly into the kernel for network packet inspection and system call monitoring. Introduced in 2015 to modernize the 1992 BPF architecture,…
Hackers Exploit Telegram, WinSCP, Chrome, and Teams to Deliver ValleyRat Malware
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion techniques, including kernel-level driver abuse, endpoint security tampering, and multi-stage…
OpenVPN Flaws Allow Hackers to Launch DoS Attacks and Bypass Security Checks
Security researchers have uncovered three significant vulnerabilities in OpenVPN, one of the world’s most trusted open-source virtual private network (VPN) solutions. The discovered flaws could allow attackers to crash VPN services, bypass essential security checks, or read sensitive memory data.…