DNS tunneling is a covert technique that cybercriminals use to bypass traditional network security measures and exfiltrate data or establish command and control channels within an organization. By leveraging the essential and often trusted Domain Name System (DNS) protocol, attackers…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Phishing Technique Hides Weaponized HTML Files Within SVG Images
Cybersecurity experts have observed an alarming increase in the use of SVG (Scalable Vector Graphics) files for phishing attacks. These attacks leverage the versatility of the SVG format, which allows embedding of HTML and JavaScript code within what appears to be…
Security Awareness Metrics That Matter to the CISO
In today’s rapidly evolving threat landscape, Chief Information Security Officers (CISOs) are tasked with more than just deploying the latest security technologies; they must also foster a culture of security awareness across their organizations. While technical controls are essential, the…
Cyber Hygiene Best Practices for Modern Enterprises
Cyber hygiene refers to the routine practices and fundamental security measures organizations implement to maintain system health and improve security posture. In today’s rapidly evolving digital landscape, the attack surface for cyber threats expands continuously, making robust cyber hygiene essential…
Cloud Security Challenges Every CISO Must Address in Hybrid Environments
Hybrid cloud environments, which blend on-premises infrastructure with public and private cloud services, have become the backbone of modern enterprises. While they offer flexibility and scalability, they introduce complex security challenges that demand strategic oversight. Chief Information Security Officers (CISOs)…
Cybercriminals Deploy FOG Ransomware Disguised as DOGE via Malicious Emails
A new variant of the FOG ransomware has been identified, with attackers exploiting the name of the Department of Government Efficiency (DOGE) to mislead victims. This operation, which came to light through the analysis of nine malware samples uploaded to…
Ransomware Attacks Cost Banks $6.08 Million on Average, Triggering Downtime and Reputation Damage
In an era where cybersecurity has become paramount, the banking and financial sectors are facing an alarming escalation in ransomware attacks. According to recent findings, each ransomware attack costs banks an average of $6.08 million, excluding the additional expenses on…
VibeScamming: Hackers Leverage AI to Craft Phishing Schemes and Functional Attack Models
Cybersecurity researchers at Guardio Labs have unveiled a troubling new trend dubbed “VibeScamming,” where cybercriminals are using AI tools to create sophisticated phishing campaigns with unprecedented ease. This development, which allows even novice hackers to craft convincing scams, marks a…
Hackers Exploit Stolen Certificates and Private Keys to Breach Organizations
Recent research has unveiled a concerning vulnerability within the realm of containerized applications, where threat actors are leveraging stolen certificates and private keys to infiltrate organizations. This tactic not only allows hackers to bypass security measures but also potentially permits…
RedGolf Hackers Linked to Fortinet Zero-Day Exploits and Cyber Attack Tools
Security researchers have linked the notorious RedGolf hacking group to a wave of exploits targeting Fortinet firewall zero-days and the deployment of custom cyber attack tools. The exposure of a misconfigured server tied to the KeyPlug malware—a hallmark of RedGolf…
Hackers Claim to Sell ‘Baldwin Killer’ Malware That Evades AV and EDR
A notorious threat actor has allegedly begun selling “Baldwin Killer,” a sophisticated malware toolkit designed to bypass leading antivirus (AV) and endpoint detection and response (EDR) systems. The tool, advertised on dark web forums, claims to circumvent security solutions such…
Hackers Bypassed Windows Defender Policies Using WinDbg Preview via Microsoft Store
A newly documented technique reveals how attackers can exploit the WinDbg Preview debugger to bypass even the strictest Windows Defender Application Control (WDAC) policies, raising concerns about a significant gap in enterprise security controls. The exploit, dubbed the “WinDbg Preview…
Chinese Hackers Leverage Reverse SSH Tool in New Wave of Attacks on Organizations
The Chinese hacker group known as Billbug, or Lotus Blossom, targeted high-profile organizations across Southeast Asia. The attackers, who were previously documented by Symantec and later Cisco Talos, employed a variety of new custom tools, alongside novel techniques like DLL…
New Obfuscation Trick Lets Attackers Evade Antivirus and EDR Tools
Researchers have unveiled a sophisticated new technique that allows attackers to bypass traditional Antivirus (AV) and Endpoint Detection and Response (EDR) solutions. By exploiting how these defensive tools analyze command-line arguments—a core method of detecting suspicious activity—malicious actors can now…
RDP and MS Office Vulnerabilities Abused by Kimsuky in Targeted Intrusions
The AhnLab SEcurity intelligence Center (ASEC) has released a detailed analysis of a sophisticated cyber campaign dubbed “Larva-24005,” linked to the notorious North Korean hacking group Kimsuky. This operation has been targeting critical sectors in South Korea, including software, energy,…
Linux 6.15-rc3 Released With Key Kernel Bug Fixes
Linus Torvalds announced the release of Linux 6.15-rc3, delivering a fresh batch of bug fixes and minor adjustments to the ever-evolving Linux kernel. As is customary, the release candidate comes right on schedule, arriving just after the weekend—this time, coinciding…
Hackers Abuse Zoom’s Remote Control to Access Users’ Computers
A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s remote control feature, allowing attackers to take over victims’ computers with a single click. The sophisticated operation, attributed to a threat group known as ELUSIVE…
Speedify VPN Vulnerability on macOS Exposes Users to System Takeover
A major security flaw in the Speedify VPN application for macOS, tracked as CVE-2025-25364, has exposed millions of users to the risk of complete system compromise. Researchers at SecureLayer7 discovered the vulnerability in Speedify’s privileged helper tool. It could potentially allow…
ASUS Router Flaw Allows Hackers to Remotely Execute Malicious Code
ASUS has acknowledged multiple critical vulnerabilities affecting its routers that could allow hackers to remotely execute malicious code, thereby compromising network security and user privacy. These flaws highlight the continuous challenges in securing IoT and networking devices against increasingly sophisticated…
Critical PyTorch Vulnerability Allows Hackers to Run Remote Code
A newly disclosed critical vulnerability (CVE-2025-32434) in PyTorch, the widely used open-source machine learning framework, allows attackers to execute arbitrary code on systems loading AI models—even when safety measures like weights_only=True are enabled. The flaw impacts all PyTorch versions ≤2.5.1 and has…