In 2025, the complexity of cyberattacks demands more than just a quick fix; it requires a deep dive into the digital footprint left by adversaries and a methodical approach to recovery. For organizations facing such threats, partnering with the Best…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Top 10 Best Cyber Threat Intelligence Companies in 2025
Organizations face a relentless onslaught of highly targeted, evasive, and economically motivated cyber threats. To combat this, they are increasingly relying on Cyber Threat Intelligence Companies. To effectively combat this dynamic landscape, simply reacting to incidents is no longer sufficient.…
Top 10 Best Security Operations Center (SOC) as a Service Providers in 2025
In 2025, the digital landscape is more complex and perilous than ever. Organizations face an unrelenting barrage of sophisticated cyber threats, from advanced ransomware campaigns to nation-state-backed attacks. As a result, many are turning to SOC as a Service Providers…
Telegram Messenger Abused by Android Malware to Seize Full Device Control
Security researchers at Doctor Web have uncovered a sophisticated Android backdoor disguised as Telegram X that grants cybercriminals complete control over victims’ accounts and devices. The malware, identified as Android.Backdoor.Baohuo.1.origin, has already infected more than 58,000 devices worldwide, with approximately…
Vault Viper Exploits Online Gambling Websites Using Custom Browser to Install Malicious Program
A major cybersecurity investigation has uncovered a sophisticated criminal operation called Vault Viper that exploits online gambling platforms to distribute a malicious custom browser with remote access capabilities. The threat actor, linked to the Baoying Group and connected to the…
Google Warns of Cybercriminals Using Fake Job Postings to Spread Malware and Steal Credentials
Google’s Threat Intelligence Group (GTIG) has uncovered a sophisticated social engineering campaign orchestrated by financially motivated threat actors based in Vietnam. The ultimate objective is to compromise corporate advertising accounts and steal valuable credentials for resale or direct monetization. The…
New RedTiger Tool Targets Gamers and Discord Accounts in the Wild
Gamers face a growing threat from cybercriminals exploiting popular gaming and communication platforms. A dangerous infostealer called RedTiger is now actively circulating in the wild, specifically designed to steal Discord credentials, gaming accounts, and sensitive financial information from unsuspecting players…
New PDF Tool Detects Malicious Files Using PDF Object Hashing
Proofpoint has released a new open-source tool called PDF Object Hashing that helps security teams detect and track malicious files distributed as PDFs. The tool is now available on GitHub and represents a significant advancement in identifying suspicious documents used…
IIS Servers Hijacked via Exposed ASP.NET Machine Keys — Malicious Modules Injected in the Wild
Security researchers have uncovered a sophisticated cyberattack campaign that exploited publicly exposed ASP.NET machine keys to compromise hundreds of Internet Information Services (IIS) servers worldwide. The operation, detected in late August and early September 2025, deployed a previously undocumented malicious…
North Korean Hackers Target UAV Industry to Steal Confidential Data
ESET researchers have uncovered a sophisticated cyberespionage campaign targeting European defense companies specializing in unmanned aerial vehicle (UAV) technology. The attacks, attributed to the North Korea-aligned Lazarus group operating under Operation DreamJob, reveal a coordinated effort to steal proprietary manufacturing…
Phishing Campaign Uses Unique UUIDs to Evade Secure Email Gateways
A sophisticated new phishing attack discovered in early February 2025 is successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses through an ingenious combination of random domain selection, dynamic UUID generation, and browser session manipulation. The attack leverages a…
Ransomware Actors Targeting Global Public Sectors and Critical Infrastructure
The public sector faces an unprecedented cybersecurity crisis as ransomware actors intensify their assault on government entities worldwide. According to Trustwave’s SpiderLabs research team, nearly 200 public sector organizations have been struck with ransomware in 2025 alone, with Babuk and…
Microsoft Releases Urgent Fix for Windows Server Update Services RCE FLaw
Microsoft has released a critical security patch to address a severe remote code execution vulnerability affecting Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses an immediate threat to organizations managing Windows updates across their infrastructure. Attribute Details…
Malicious NuGet Packages Pose as Nethereum, Steal Crypto Wallet Keys
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting cryptocurrency developers through the NuGet package registry. The malicious packages, which exfiltrate sensitive wallet data including private keys and mnemonics, highlight a critical vulnerability in package registry security…
Toys “R” Us Canada Data Breach Exposes Customer Personal Information
Toys “R” Us Canada has alerted its customers to a significant data breach that may have compromised personal information. The company sent notification emails to affected customers on Thursday morning, confirming that unauthorized access to their databases occurred. According to…
Microsoft Boosts Windows Security by Disabling File Previews for Downloads
Microsoft has rolled out a significant security enhancement to Windows File Explorer, automatically disabling the preview pane for files downloaded from the internet as part of security updates released on and after October 14, 2025. This proactive measure targets a…
YouTube Ghost Malware Campaign: Over 3,000 Infected Videos Target Users
Check Point Research has uncovered a massive malware distribution operation called the YouTube Ghost Network, featuring over 3,000 malicious videos designed to infect unsuspecting users with dangerous information-stealing malware. This sophisticated cybercriminal network has been operating since at least 2021,…
Hackers Exploit Galaxy S25 0-Day to Turn On Camera and Track Users
A critical zero-day vulnerability in Samsung’s flagship Galaxy S25 smartphone was successfully exploited at Pwn2Own Ireland 2025, demonstrating how attackers could silently activate the device’s camera and track a user’s real-time location. Security researchers Ben R. and Georgi G. from…
Linux RATs on Windows: Ransomware Actors Target VMware Deployments
The Agenda ransomware group has evolved its attack methodology with a sophisticated technique that deploys Linux ransomware variants directly on Windows systems, challenging traditional endpoint security controls. The attack represents a significant tactical evolution in ransomware deployment strategies. Threat actors…
New Phishing Wave Uses OAuth Prompts to Take Over Microsoft Accounts
A new phishing campaign is targeting Microsoft account holders by using a clever twist on OAuth authentication prompts. Instead of asking users to hand over their passwords directly, attackers are tricking people into granting permission to malicious applications through legitimate-looking…