Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Microsoft has recently issued a warning about a novel remote access trojan (RAT) known as StilachiRAT, which poses significant threats to system security by stealing sensitive data, including credentials and cryptocurrency information. This sophisticated malware was discovered by Microsoft Incident…

Read more →

The cybersecurity landscape has witnessed a new threat with the emergence of the DocSwap malware, which disguises itself as a “Document Viewing Authentication App” to deceive users into installing it on their Android devices. This sophisticated malware is suspected to…

Read more →

In a sophisticated phishing campaign uncovered by the BI.ZONE Threat Intelligence team, the Squid Werewolf group, also known as APT37, has been impersonating recruiters to target key employees in various organizations. This espionage cluster uses fake job opportunities to lure…

Read more →

A recent discovery by Xavier Mertens, a senior handler at the Internet Storm Center, has highlighted a sophisticated attack where hackers utilize DLL side-loading to deploy malicious Python code. This technique involves tricking an application into loading a malicious DLL…

Read more →

The Bybit hack, which occurred on February 21, 2025, has been extensively analyzed by multiple cybersecurity teams, including Sygnia. This attack exposed significant security vulnerabilities across various domains, including macOS malware, AWS cloud compromise, application security, and smart contract security.…

Read more →

Alphabet, the parent company of Google, is reportedly in discussions to acquire Wiz, a leading cybersecurity firm, for a staggering $30 billion. This potential acquisition highlights Alphabet’s strategic expansion into the cybersecurity sector, which has become increasingly crucial for businesses…

Read more →

Amazon announced that it will discontinue the local voice processing feature for its AI assistant Alexa. This change, set to take effect on March 28, means that all voice commands will be processed in the cloud instead of on the…

Read more →

Cloudflare has announced the implementation of post-quantum cryptography across its services. This advancement is part of a broader effort to protect customers from potential quantum attacks that could compromise conventional cryptographic systems in the future. Quantum computers, which are rapidly…

Read more →

A critical cybersecurity alert has been issued following the active exploitation of a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. According to the Veriti report, the vulnerability, identified as CVE-2024-27564, has been weaponized by attackers in real-world attacks,…

Read more →

A new extension for Burp Suite has been released, integrating the powerful secret scanning capabilities of TruffleHog. This innovative integration aims to enhance the detection of live, exploitable credentials within HTTP traffic, making it a valuable tool for security professionals.…

Read more →

Penetration testing companies play a vital role in strengthening the cybersecurity defenses of organizations by identifying vulnerabilities in their systems, applications, and networks. These firms simulate real-world cyberattacks to uncover weaknesses that could be exploited by malicious actors, helping businesses…

Read more →

Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator tool. This decision comes on the heels of coordinated attacks by certain media outlets and unsuccessful attempts by the notorious Lazarus Group—a hacking entity linked to…

Read more →

Cobalt Strike, a highly advanced threat emulation tool, has released version 4.11, packing a robust suite of features designed to enhance evasion capabilities for red teams. This latest update introduces several novel technologies and improvements, solidifying Cobalt Strike’s position as…

Read more →

A proof-of-concept (PoC) exploit has been released for a use-after-free vulnerability in the Linux kernel, identified as CVE-2024-36904. This vulnerability is located in the TCP subsystem of the Linux kernel and is caused by the inet_twsk_hashdance() function inserting the time-wait socket into…

Read more →

Denmark has announced a heightened alert status for the telecommunications sector due to an increased threat from cyber attacks. According to a recent threat assessment by the Danish Agency for Social Security, the risk level for cyber espionage against the…

Read more →

Google has announced the launch of OSV-Scanner V2, an open-source tool designed to enhance vulnerability scanning and remediation across various software ecosystems. This update follows the recent release of OSV-SCALIBR, another powerful tool in the OSV suite, which together form a comprehensive…

Read more →

SocGholish, a sophisticated malware-as-a-service (MaaS) framework, has been identified as a key enabler in the distribution of RansomHub ransomware. This malicious framework exploits compromised websites by injecting them with obfuscated JavaScript loaders, which redirect users to fake browser update notifications.…

Read more →

A recent investigation has uncovered previously unknown cryptojacking malware, dubbed MassJacker, which primarily targets users who download pirated software from sites like pesktop.com. This malware operates by replacing cryptocurrency wallet addresses copied by users with those belonging to the attackers,…

Read more →

The FBI has issued a warning about a growing threat involving free file conversion tools, which are being used to spread malware. This scam, described as “rampant” by the FBI’s Denver Field Office, targets users who seek online tools to…

Read more →

A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories. The attack involves a malicious modification of the Action’s code, leading to the exposure of CI/CD secrets in GitHub Actions…

Read more →