In a recent cybersecurity development, over 50,000 WordPress websites using the Uncanny Automator plugin have been identified as vulnerable to a critical privilege escalation attack. This vulnerability, discovered by security researcher mikemyers through the Wordfence Bug Bounty Program, allows authenticated…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Lazarus Adds New Malicious npm Using Hexadecimal String Encoding to Evade Detection Systems
North Korean state-sponsored threat actors associated with the Lazarus Group have intensified their Contagious Interview campaign by deploying novel malicious npm packages leveraging hexadecimal string encoding to bypass detection mechanisms. These packages deliver BeaverTail infostealers and remote access trojan (RAT)…
Python JSON Logger Vulnerability Enables Remote Code Execution – PoC Released
A recent security disclosure has revealed a remote code execution (RCE) vulnerability, CVE-2025-27607, in the Python JSON Logger package, affecting versions between 3.2.0 and 3.2.1. This vulnerability arises from a missing dependency, “msgspec-python313-pre,” which could be exploited by malicious actors…
Critical pgAdmin Flaw Allows Remote Code Execution
A severe Remote Code Execution (RCE) vulnerability in pgAdmin (CVE-2025-2945), the popular PostgreSQL database management tool, has been patched after researchers discovered attackers could hijack servers through malicious API requests. The flaw affects pgAdmin versions ≤9.1 and allows authenticated users…
Dell PowerProtect Flaw Allows Remote Attackers to Execute Arbitrary Commands
Dell Technologies has released a security update addressing a critical vulnerability (CVE-2025-29987) in its PowerProtect Data Domain Operating System (DD OS). The vulnerability allows authenticated attackers to execute arbitrary commands with root privileges, posing a high security risk. Users are…
Sakura RAT Released on GitHub Can Bypass Antivirus and EDR Tools
A newly developed remote administration tool (RAT) named “Sakura RAT” has been released on GitHub, raising alarms for its powerful capabilities and ability to bypass modern detection systems like antivirus (AV) software and endpoint detection and response (EDR) tools. Tagged…
Bitdefender GravityZone Console PHP Vulnerability Lets Hackers Execute Arbitrary Commands
Cybersecurity firm Bitdefender has patched a severe flaw (CVE-2025-2244) in its GravityZone Console, which could allow unauthenticated attackers to execute arbitrary commands on vulnerable systems. The vulnerability, discovered by researcher Nicolas Verdier (@n1nj4sec), has a near-maximum CVSSv4 score of 9.5, highlighting…
NICE Workforce Framework 2.0.0 Released: Everything New and Improved
The National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity has undergone a significant update, with the release of its version 2.0.0 introducing numerous enhancements aimed at standardizing how cybersecurity work and competencies are understood and managed. This major…
10 Best XDR (Extended Detection & Response) Solutions 2025
As cyber threats grow increasingly sophisticated, traditional security tools often fall short in providing comprehensive protection. Extended Detection and Response (XDR) has emerged as a next-generation cybersecurity solution designed to unify and enhance threat detection, investigation, and response across an…
Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit
Cybersecurity researcher “0xdf” has cracked the “Ghost” challenge on Hack The Box (HTB), a premier platform for honing penetration testing skills, and shared an exhaustive technical breakdown on their GitLab blog. The write-up chronicles a sophisticated attack that navigates through…
Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence
Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering defenders with advanced threat analysis, vulnerability assessment, and incident response capabilities. The experimental system, developed by a team led by Elie Burzstein and Marianna Tishchenko,…
U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation
The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, from Kosovo to face charges in the Western District of Pennsylvania for their alleged roles as administrators of the Rydox cybercrime marketplace. The Rydox…
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 – Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow…
Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials
A surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation. These scams, which have been hitting users’ phones in waves, are part of a sophisticated campaign leveraging a platform called Lucid. Cybercriminals…
PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack
A sophisticated phishing campaign, dubbed “PoisonSeed,” has been identified targeting customer relationship management (CRM) and bulk email providers to facilitate cryptocurrency-related scams. The threat actors behind this campaign are leveraging compromised credentials to export email lists and send bulk phishing…
EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures
EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational security (OPSEC) failures and extensive reliance on ChatGPT for its operations. This emerging threat actor has been linked to ransomware campaigns, data theft, and the…
Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how threat actors are leveraging fake recruitment emails to distribute malicious payloads. The attackers impersonated Dev.to, a prominent developer community, and lured victims with promises of…
Malicious PyPI Package Targets E-commerce Sites with Automated Carding Script
Cybersecurity researchers from Socket have exposed a malicious Python package on PyPI, named disgrasya, designed to automate credit card fraud on WooCommerce-based e-commerce sites. Unlike conventional supply chain attacks that rely on deception or typosquatting, disgrasya was overtly malicious, leveraging…
DeepSeek-R1 Prompts Abused to Generate Advanced Malware and Phishing Sites
The release of DeepSeek-R1, a 671-billion-parameter large language model (LLM), has sparked significant interest due to its innovative use of Chain-of-Thought (CoT) reasoning. CoT reasoning enables the model to break down complex problems into intermediate steps, enhancing performance on tasks…
Beware of Clickfix: ‘Fix Now’ and ‘Bot Verification’ Lures Deliver and Execute Malware
A sophisticated browser-based malware delivery method, dubbed ClickFix, has emerged as a significant threat to cybersecurity. Leveraging deceptive prompts like “Fix Now” and “Bot Verification,” ClickFix tricks users into executing malicious commands by exploiting familiar system actions. This technique bypasses…