According to the Center for Strategic & International Studies’ (CSIS) 2025 Space Threat Assessment, space systems’ susceptibility to cyberattacks has gained significant attention. With approximately 720 cyber incidents reported across sectors in 2024 by the European Repository of Cyber Incidents…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Threat Actors Accelerate Transition from Reconnaissance to Compromise – New Report Finds
Cybercriminals are leveraging automation across the entire attack chain, drastically reducing the time from reconnaissance to compromise. The data shows a staggering 16.7% global increase in scans, with over 36,000 scans per second targeting not just exposed ports but delving…
Google Chrome Vulnerability Allows Attackers to Bypass Sandbox Restrictions – Technical Details Revealed
A severe vulnerability, identified as CVE-2025-2783, has been discovered in Google Chrome, specifically targeting the Mojo inter-process communication (IPC) component on Windows systems. This high-impact flaw, with a CVSS score of 8.8, stems from improper handle validation and management within…
Europol Launches Taskforce to Combat Violence-as-a-Service Networks
Europol has announced the launch of a powerful new Operational Taskforce (OTF), codenamed GRIMM, to confront the alarming rise of “violence-as-a-service” (VaaS) and the growing recruitment of young people by organised crime groups across Europe. Spearheaded by Sweden and joined by…
ResolverRAT Targets Healthcare and Pharmaceutical Sectors Through Sophisticated Phishing Attacks
A previously undocumented remote access trojan (RAT) named ResolverRAT has surfaced, specifically targeting healthcare and pharmaceutical organizations worldwide. First observed as recently as March 10, 2025, this malware distinguishes itself from related threats like Rhadamanthys and Lumma through its sophisticated…
JokerOTP Platform Linked to 28,000+ Phishing Attacks Dismantled
Law enforcement agencies from the UK and the Netherlands have dismantled the notorious JokerOTP cybercrime platform, which is allegedly linked to more than 28,000 phishing attacks across 13 countries. A 24-year-old man was apprehended this morning by Cleveland Police at…
Windows Server 2025 Gets Hotpatching Support Beginning July 1, 2025
Microsoft announced that hotpatching support for Windows Server 2025 will become generally available as a subscription service starting July 1, 2025. This move expands a key feature-previously exclusive to Azure-based servers-for broader use in on-premises and multicloud environments via Azure…
Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation
A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2025-21756 and dubbed “Attack of the Vsock,” has sent ripples through the cybersecurity community. The flaw enables attackers to escalate privileges to root, potentially gaining full control over affected Linux systems. According…
Massive Attack: 4,800+ IPs Used to Target Git Configuration Files
A recent surge in cyber reconnaissance has put thousands of organizations at risk after GreyNoise, a global threat intelligence platform, detected an alarming spike in attempts to access sensitive Git configuration files. Between April 20 and 21, GreyNoise observed the…
CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert concerning a newly disclosed security flaw in the Commvault Web Server. This vulnerability, now tracked as CVE-2025-3928, could allow remote, authenticated attackers to gain unauthorized access to systems,…
CISA Adds Broadcom Brocade Fabric OS Flaw to Known Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security advisory after adding a critical Broadcom Brocade Fabric OS vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog. The flaw, tracked as CVE-2025-1976, affects Broadcom’s widely deployed Brocade Fabric…
FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023
The FBI’s Internet Crime Complaint Center (IC3) has reported a record-breaking loss of $16.6 billion (approximately ₹1.38 lakh crore) due to cyber-enabled crimes in 2024, marking a staggering 33% increase from the previous year. Established 25 years ago, IC3 has…
19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email
The NSFOCUS Fuying Laboratory’s global threat hunting system identified 19 sophisticated Advanced Persistent Threat (APT) attack campaigns, predominantly targeting regions across South Asia, East Asia, Eastern Europe, and South America. These incursions highlighted a continuation of targeted cyber espionage and…
RansomHub Ransomware Deploys Malware to Breach Corporate Networks
The eSentire’s Threat Response Unit (TRU) in early March 2025, a sophisticated cyberattack leveraging SocGholish malware, also known as FakeUpdates, was uncovered targeting corporate networks. This attack, orchestrated by affiliates of RansomHub-a notorious Ransomware-as-a-Service (RaaS) group emerging in 2024-demonstrates a…
Python-Based Discord RAT Enables Remote Control and Disruption Through a Simple Interface
A newly analyzed Python-based Remote Access Trojan (RAT) has emerged as a significant cybersecurity threat, utilizing Discord as its command-and-control (C2) platform. Disguised as a benign script, this malware transforms the popular communication tool into a hub for malicious operations,…
Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts
Cybersecurity researchers from The DFIR Report’s Threat Intel Group uncovered an open directory hosted at 194.48.154.79:80, believed to be operated by an affiliate of the Fog ransomware group, which emerged in mid-2024. This publicly accessible server revealed a sophisticated arsenal…
Hannibal Stealer: Cracked Variant of Sharp and TX Malware Targets Browsers, Wallets, and FTP Clients
A new cyber threat, dubbed Hannibal Stealer, has surfaced as a rebranded and cracked variant of the Sharp and TX stealers, originally promoted by the reverse engineering group ‘llcppc_reverse.’ Developed in C# and leveraging the .NET Framework, this information-stealing malware…
Advanced Multi-Stage Carding Attack Hits Magento Site Using Fake GIFs and Reverse Proxy Malware
A multi-stage carding attack has been uncovered targeting a Magento eCommerce website running an outdated version 1.9.2.4. This version, unsupported by Adobe since June 2020, left the site vulnerable due to unpatched security flaws. The malware employed a deceptive .gif…
Rack Ruby Framework Vulnerabilities Let Attackers Inject and Manipulate Log Content
Researchers Thai Do and Minh Pham have exposed multiple critical vulnerabilities in the Rack Ruby framework, a cornerstone of Ruby-based web applications with over a billion global downloads. Identified as CVE-2025-25184, CVE-2025-27111, and CVE-2025-27610, these flaws pose significant risks to…
SAP NetWeaver 0-Day Flaw Actively Exploited to Deploy Webshells
SAP disclosed a critical zero-day vulnerability, identified as CVE-2025-31324, in its NetWeaver Visual Composer component. This vulnerability, with a maximum CVSSv3 severity score of 10.0, stems from a missing authorization check within the Metadata Uploader module of Visual Composer. When exploited,…