Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Active Directory (AD) Group Policy Objects (GPOs) are a cornerstone of centralized management for Windows environments, enabling administrators to configure operating systems, applications, and user settings across all domain-connected machines. The real work of applying these policies on client machines…

Read more →

Beijing, China, June 4th, 2025, CyberNewsWire After nearly a year of research and evaluation, Gartner released the first “Magic Quadrant for Network Detection and Response” report on May 29, ThreatBook became the only Chinese company selected. As enterprises accelerate their…

Read more →

Beijing, China, June 4th, 2025, CyberNewsWire After nearly a year of research and evaluation, Gartner released the first “Magic Quadrant for Network Detection and Response” report on May 29, ThreatBook became the only Chinese company selected. As enterprises accelerate their…

Read more →

Since 2016, the “DollyWay World Domination” campaign has quietly compromised more than 20,000 WordPress websites worldwide, exploiting vulnerabilities in plugins and themes to redirect visitors to malicious destinations.  The operation’s name comes from a telltale code string found in infected…

Read more →

A new and insidious threat has surfaced in the cybersecurity landscape as Darktrace’s Threat Research team uncovers PumaBot, a Go-based Linux botnet meticulously designed to exploit embedded Internet of Things (IoT) devices. Unlike conventional botnets that cast a wide net…

Read more →

A pro-Ukrainian hacktivist group known as BO Team, also operating under aliases such as Black Owl, Lifting Zmiy, and Hoody Hyena, has emerged as a formidable threat to Russian organizations in 2025. This group, which publicly declared its intentions via…

Read more →

The Android Security Bulletin for June 2025, published on June 2, details a series of high-severity vulnerabilities affecting a wide range of Android devices. Security patch levels of 2025-06-05 or later address all reported issues, with source code patches set…

Read more →

The manufacturing sector has emerged as a prime target for cyber attackers in 2024, with a staggering 71% surge in active threat actors compared to the previous year, according to a recent report by Forescout Technologies. Between 2024 and the…

Read more →

In a chilling revelation for cybersecurity professionals, the Russian Market has solidified its position as the leading hub for stolen credentials, fueling a dramatic rise in credential theft attacks worldwide. According to a 2024 report by ReliaQuest’s GreyMatter Digital Risk…

Read more →

The North Face, a prominent outdoor fashion brand under VF Outdoor, LLC, detected unusual activity on its website, thenorthface.com. Following a swift and thorough investigation, the company identified the incident as a small-scale credential stuffing attack. Unauthorized Access Incident on…

Read more →

A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified in the iOS Activation Backend at the endpoint https://humb.apple.com/humbug/baa, allows attackers to inject unauthenticated XML…

Read more →

A critical improper authentication vulnerability has been discovered in ConnectWise ScreenConnect, tracked as CVE-2025-3935 and mapped to CWE-287 (Improper Authentication). This flaw affects all ScreenConnect versions up to and including 25.2.3, exposing them to ViewState code injection attacks that could…

Read more →

A crucial point has been reached in the conflict between personal privacy and governmental monitoring in a time when digital communication is essential. Governments worldwide are grappling with the proliferation of strong encryption in messaging apps, social media platforms, and…

Read more →

Cross-site scripting (XSS) remains one of the most persistent threats in web security, but most discussions focus on traditional vectors. A lesser-known but intriguing avenue is exploiting JavaScript TypeError messages in Safari to achieve XSS. This technique leverages how Safari…

Read more →

A malicious threat actor has exploited a misconfigured instance of Open WebUI, a widely-used self-hosted AI interface with over 95,000 stars on GitHub, designed to enhance large language models (LLMs). This incident underscores the growing risks associated with internet-exposed AI…

Read more →

Cybersecurity researchers have shed light on the intricate balance of strengths and vulnerabilities inherent in cloud-based Large Language Model (LLM) guardrails. These safety mechanisms, designed to mitigate risks such as data leakage, biased outputs, and malicious exploitation, are critical to…

Read more →

A critical security advisory (SVD-2025-0602) has been issued for Splunk Universal Forwarder for Windows, addressing a high-severity vulnerability (CVE-2025-20298) that exposes Windows systems to potential privilege escalation. The flaw, rated 8.0 (High) on the CVSSv3.1 scale (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H), affects Universal Forwarder…

Read more →

Threat actors have increasingly turned their attention to exploiting misconfigurations in DevOps-managed web servers to deploy malicious payloads. Recent investigations into web server vulnerabilities reveal a sophisticated pattern of attacks targeting poorly secured environments. These misconfigurations, often stemming from improper…

Read more →

Cybercriminals have launched a devious campaign targeting users of gaming sites, social media platforms, and even sponsored ads by redirecting links to counterfeit Booking.com websites. According to recent Report by Malwarebytes, approximately 40% of travelers book their trips through general…

Read more →

Splunk has disclosed a reflected Cross-Site Scripting (XSS) vulnerability in its Enterprise and Cloud Platform products, tracked as CVE-2025-20297 and detailed in advisory SVD-2025-0601. The flaw, rated medium with a CVSSv3.1 score of 4.3, affects the dashboard PDF generation component…

Read more →