The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform, which emerged in August 2023, has become a formidable adversary against organizational security, employing advanced evasion techniques and adversary-in-the-middle (AiTM)…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Plans to Remove Entra Accounts from Authenticator on Jailbroken Devices
Microsoft is rolling out a significant security enhancement for its Authenticator app starting February 2026, introducing jailbreak and root detection capabilities that will automatically wipe Microsoft Entra credentials from compromised devices. This move represents a strategic shift toward strengthening enterprise…
RondoDox Botnet Swells Its Arsenal — 650% Jump in Enterprise-Focused Exploits
The cybersecurity threat landscape shifted dramatically on October 30, 2025, when security researchers monitoring honeypot infrastructure detected a significantly evolved variant of the RondoDox botnet. The updated malware now features 75 distinct exploitation vectors, a fundamental expansion that transforms the…
‘SleepyDuck’ Malware in Open VSX Lets Attackers Remotely Control Windows PCs
Security researchers have identified a dangerous remote access trojan called SleepyDuck lurking in the Open VSX IDE extension marketplace, targeting developers who use code editors like Cursor and Windsurf. The malicious extension masqueraded as a legitimate Solidity programming language helper,…
Balancer DeFi Platform Hit by Major Exploit Resulting in $100M+ in Losses
The decentralised finance (DeFi) ecosystem was rocked by a significant exploit targeting Balancer, one of the leading DeFi platforms. The breach specifically impacted Balancer’s V2 Composable Stable Pools, resulting in losses that reportedly exceed $100 million. This major incident highlights…
Malicious PuTTY Ads Deliver OysterLoader, Allowing Attackers Full Device and Network Access
The Rhysida ransomware gang has been running a sophisticated malvertising campaign that delivers OysterLoader malware through deceptive search engine advertisements, giving attackers complete access to compromised devices and networks. The Rhysida gang, formerly known as Vice Society before rebranding in…
Microsoft’s WSUS Patch Causes Hotpatching Failures on Windows Server 2025
Microsoft has acknowledged a critical issue affecting Windows Server 2025 systems enrolled in the Hotpatch program. A recent Windows Server Update Services (WSUS) patch was inadvertently distributed to machines configured to receive Hotpatch updates, causing disruptions to the seamless patching…
SesameOp: Using the OpenAI Assistants API for Covert C2 Communication
Microsoft’s Detection and Response Team has exposed a sophisticated backdoor malware that exploits the OpenAI Assistants API as an unconventional command-and-control communication channel. Named SesameOp, this threat demonstrates how adversaries are rapidly adapting to leverage legitimate cloud services for malicious…
Apple Releases Security Update Addressing Critical Flaws in iOS 26.1 and iPadOS 26.1
Apple has rolled out new security updates for iOS 26.1 and iPadOS 26.1, released on November 3, 2025, introducing important fixes for a wide range of vulnerabilities. The update is available for iPhone 11 and later models, along with several…
Cybercriminals Exploit RMM Tools to Target Trucking Firms and Hijack Freight
Cybercriminals are orchestrating sophisticated attacks against trucking and freight companies in elaborate schemes designed to steal cargo shipments worth millions. These threat actors are exploiting the digital transformation of the logistics industry, compromising transportation companies to fraudulently bid on legitimate…
Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP ports 8530 and 8531, which correspond to unencrypted…
Critical UniFi OS Flaw Enables Remote Code Execution
Security researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devices without requiring…
Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions on their popular code marketplace. The organization has now contained the situation and outlined concrete steps to prevent future attacks.…
New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie encryption, enabling attackers to steal user chat messages and other sensitive communications. The vulnerability stems from…
Windows 11 24H2/25H2 Flaw Keeps Task Manager Running After You Close It
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumulate in the background,…
Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his…
EDR-Redir V2 Evades Detection on Windows 11 by Faking Program Files
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to redirecting security software by manipulating…
OpenAI Introduces Aardvark, an AI Security Agent Powered by GPT-5
OpenAI has announced the launch of Aardvark, an autonomous AI security agent powered by GPT-5 that aims to revolutionize how organizations discover and fix software vulnerabilities. The new tool, currently available in private beta, represents a significant advancement in automated…
Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web
Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web. Through its Data Breach Observatory initiative, Proton is directly monitoring…
What Rural Internet Providers Offer Remote Communities
Loss of internet access in rural areas is considerably more serious, as it disrupts education, work, and communication. Despite such hurdles, it is rural internet providers serving such remote communities and getting them connected. By understanding what these providers can…