Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The International Civil Aviation Organization (ICAO), a United Nations agency responsible for coordinating global aviation standards, has reported a significant information security incident that has exposed the personal data of approximately 42,000 applicants.  The agency is actively investigating the breach,…

Read more →

A new and sophisticated phishing scam has been uncovered, leveraging Microsoft 365 domains to trick users into compromising their PayPal accounts. The attack exploits legitimate-looking sender addresses and URLs, making it harder for victims to recognize the phishing attempt. Security…

Read more →

The malicious Southeast Asian APT group known as OceanLotus (APT32) has been implicated in a sophisticated attack that compromises the privacy of cybersecurity professionals. A recent investigation by the ThreatBook Research and Response Team revealed that a popular privilege escalation…

Read more →

The Green Bay Packers, Inc. has confirmed that its online merchandise store was hacked, leading to the theft of credit card data from over 8,500 customers. The incident, which occurred on September 23, 2024, was discovered nearly three months later…

Read more →

A Data Leak Site (DLS) belonging to a new extortion group named Morpheus, which has stolen data from Arrotex Pharmaceuticals (Australia) on December 12th and PUS GmbH (Germany) on December 20th.  Morpheus offers stolen data for sale on the DLS,…

Read more →

Malicious packages “solanacore,” “solana login,” and “walletcore-gen” on npmjs target Solana developers with Windows trojans and malware for keylogging and data exfiltration via Slack webhooks and ImgBB APIs. These recently discovered crypto-stealers exhibit unusual transparency, openly revealing their malicious intent…

Read more →

is this website safe? In this digital world, Check a website is safe is the most critical concern since there are countless malicious websites available everywhere over the Internet, and it is tough to find a trustworthy website.  We need…

Read more →

GitLab has announced the release of critical updates to its Community Edition (CE) and Enterprise Edition (EE), specifically versions 17.7.1, 17.6.3, and 17.5.5. These updates are essential for maintaining security and stability across all self-managed GitLab installations and should be…

Read more →

A series of serious vulnerabilities have been identified in Palo Alto Networks’ Expedition migration tool, which could allow attackers to gain unauthorized access to sensitive data, including cleartext passwords and device configurations. The vulnerabilities, detailed in multiple Common Vulnerabilities and…

Read more →

The Wireshark development team announced the release of Wireshark version 4.4.3, a critical update that brings several bug fixes and enhancements to this widely used network protocol analyzer. Renowned for its ability to troubleshoot, analyze, and educate users about network…

Read more →

Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products. This advisory reveals the existence of two significant vulnerabilities, CVE-2025-0282 and CVE-2025-0283, which have been exploited in the wild, necessitating immediate action…

Read more →

Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic packing, integrating N-day vulnerabilities, and ultimately leveraging a 0-day vulnerability in Four-Faith industrial routers.  By November…

Read more →

Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations.  It employs advanced malware, spearphishing, and social engineering tactics to infiltrate target networks and exfiltrate sensitive data,…

Read more →

Gravy Analytics, a prominent player in location intelligence, has reportedly fallen victim to a significant cyberattack. Initial investigations suggest that hackers have exfiltrated sensitive data, raising concerns over consumer privacy and data security. Founded to enhance business decision-making through location-based…

Read more →

Google has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264 for Linux. This update addresses a series of critical security vulnerabilities and will be rolled out gradually over the coming…

Read more →

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred. Both groups now leverage similar tactics, techniques, and procedures (TTP) in their cyber operations, resulting in a complex landscape where motivations and objectives often intersect. This article delves…

Read more →

Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for its alleged failure to secure sensitive personal information of over 2 million residents. This lawsuit comes in the wake of a massive data breach that exposed…

Read more →

A recent investigation revealed that the Akira and Fog ransomware groups are actively exploiting the SonicWall NSA vulnerability (CVE-2024-40766) to compromise organizations.  As of December 23, 2024, over 100 companies are suspected to have been victimized by these groups through…

Read more →

A browser extension named PRIVESHIELD automatically creates isolated profiles to group websites based on browsing history and user interaction, which disrupts cross-website tracking practices by preventing cookie-matching methods used for targeted advertising.  The evaluation results show that PRIVESHIELD is more…

Read more →

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and SMTP, offering a comprehensive suite of features designed for security, performance, and scalability. Built with Rust, Stalwart stands out for its modern architecture that emphasizes safety…

Read more →