Security researchers have discovered a sophisticated phishing technique that weaponizes invisible Unicode characters embedded within email subject lines using MIME encoding—a tactic that remains largely unknown among email security professionals. The discovery reveals how attackers are evolving their evasion methods…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Herodotus: New Android Malware Mimics Human Behavior to Bypass Biometric Security
A sophisticated new Android banking Trojan named Herodotus has emerged as a significant threat to mobile users, introducing a novel approach that deliberately mimics human typing patterns to evade behavioral biometrics detection systems. The malware’s sophisticated approach to avoiding detection…
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Advanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attributed the campaign to the Iran-linked threat actor with high…
IPFire 2.29 Released with Enhanced Intrusion Prevention System Reporting
The IPFire project has announced the release of version 2.29, Core Update 198, marking a significant milestone in the open-source firewall’s evolution. This update introduces transformative improvements to the Intrusion Prevention System, coupled with comprehensive reporting capabilities that fundamentally change…
Active Directory at Risk Due to Domain-Join Account Misconfigurations
Active Directory domain join accounts are systematically exposing enterprise environments to compromise, even when administrators follow Microsoft’s official guidance. A comprehensive security analysis reveals that these specialized accounts inherit excessive privileges by default, creating a direct pathway for attackers to…
Anivia Stealer Peddled on Dark Web with UAC Bypass
A newly advertised information-stealing malware called Anivia Stealer has surfaced on the dark web, with threat actor ZeroTrace aggressively promoting the C++17-based infostealer as a commercial malware-as-a-service offering. The malware implements sophisticated privilege escalation capabilities, including automatic User Account Control…
FileFix + Cache Smuggling: A New Evasion Combo
Cybersecurity researchers have uncovered a sophisticated evolution in phishing attacks that combines FileFix social engineering with cache smuggling techniques to bypass modern security defenses. This hybrid attack method eliminates the need for malicious code to make web requests, instead extracting…
Zero-Click Exploit Targets MCP and Linked AI Agents to Stealthily Steal Data
Operant AI’s security research team has uncovered Shadow Escape, a dangerous zero-click attack that exploits the Model Context Protocol to steal sensitive data through AI assistants. The attack works with widely used platforms, including ChatGPT, Claude, Gemini, and other AI…
BlueNoroff Shifts Tactics: Targets C-Suite and Managers with New Infiltration Methods
The North Korean-linked threat group BlueNoroff, also known by aliases including Sapphire Sleet, APT38, and Alluring Pisces, continues to evolve its attack tactics while maintaining its primary focus on financial gain. The group has shifted its strategy to employ sophisticated…
New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs
A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert cryptocurrency mining with comprehensive financial data theft. GhostGrab functions as a multifaceted threat that systematically harvests banking credentials, debit card…
Critical QNAP .NET Flaw Lets Attackers Bypass Security Protections
A significant security vulnerability has emerged affecting QNAP’s NetBak PC Agent software through a critical flaw in Microsoft ASP.NET Core. The vulnerability, tracked as CVE-2025-55315, exploits HTTP Request Smuggling techniques to bypass essential security controls and could expose thousands of…
Water Saci Hackers Use WhatsApp to Deploy Persistent SORVEPOTEL Malware
Trend Micro Research has identified a significant evolution in the aggressive Water Saci malware campaign, revealing a new infection chain that abandons traditional .NET-based delivery methods in favor of sophisticated script-driven techniques. On October 8, 2025, researchers discovered file downloads…
Sweden’s Power Grid Operator Admits Data Breach Linked to Everest Ransomware Gang
Svenska kraftnät, Sweden’s national power grid operator, has confirmed it suffered a significant data breach that exposed certain information to unauthorized parties. The incident, disclosed on October 26, 2025, is linked to the notorious Everest ransomware gang, marking a concerning…
CISA Alerts on Critical Veeder-Root Flaws Allowing Attackers to Execute System Commands
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding serious vulnerabilities in Veeder-Root’s TLS4B Automatic Tank Gauge System. Released on October 23, 2025, the alert warns that attackers could exploit these flaws to take control…
Gamaredon Phishing Campaign Exploits WinRAR Vulnerability to Target Government Agencies
Cybersecurity researchers have uncovered a sophisticated phishing campaign orchestrated by the notorious Gamaredon threat group, specifically targeting government entities through exploitation of a critical WinRAR vulnerability. The attack leverages CVE-2025-8088, a path traversal vulnerability in the popular file compression software,…
OpenAI Atlas Browser Vulnerability Lets Attackers Execute Malicious Scripts in ChatGPT
Cybersecurity firm LayerX has identified a critical vulnerability in OpenAI’s ChatGPT Atlas browser that allows malicious actors to inject harmful instructions into ChatGPT’s memory and execute remote code. This security flaw poses significant risks to users across all browsers but…
Beware of Free Video Game Cheats that Deliver Infostealer Malwares
The competitive gaming landscape has become a breeding ground for cybercriminals who exploit players’ desire to gain an unfair advantage. While major esports tournaments like last year’s CS2 PGL Major in Copenhagen boast prize pools reaching $1.25 million, the temptation…
Apache Tomcat Flaws Allow Remote Code Execution on Vulnerable Servers
The Apache Software Foundation has disclosed two security vulnerabilities affecting multiple versions of Apache Tomcat, with one flaw posing a serious risk of remote code execution on vulnerable servers. The flaws impact Apache Tomcat versions 9, 10, and 11, prompting…
nsKnox Launches Adaptive Payment Security™, Revolutionizing B2B Fraud Prevention by Solving the ‘Impossible Triangle’ of Speed, Certainty, and Effort
New York, New York, USA, October 27th, 2025, CyberNewsWire nsKnox, a leader in payment security, today announced the launch of Adaptive Payment Security, a groundbreaking enhancement to its PaymentKnox platform designed to eliminate B2B payment fraud by providing the fastest…
Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack, dubbed Operation ForumTroll, leveraged personalized phishing links to compromise organizations across Russia, including media…