Cal.com has disclosed a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to user accounts by exploiting a flaw in password verification logic. The flaw, tracked as CVE-2025-66489 and assigned a critical CVSS v4 score of…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Indonesia’s Gambling Industry Reveals Clues of Nationwide Cyber Involvement
A massive Indonesian-speaking cybercrime operation spanning over 14 years has been uncovered, revealing a sophisticated infrastructure that shows hallmarks of state-level backing and resources typically associated with advanced persistent threat actors. Security researchers at Malanta have exposed what may be…
Barts Health NHS Reveals Data Breach Linked to Oracle Zero-Day Exploited by Clop Ransomware
Barts Health NHS Trust has disclosed a significant data breach affecting patient and staff information after the Cl0p ransomware gang exploited a critical vulnerability in Oracle E-Business Suite software. The criminal syndicate stole files from an invoice database. It published…
Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data
A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket Threat Research Team have discovered two malicious software packages that impersonate popular Google tools. These fake packages, designed to trick…
FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads
A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers from Intel 471 first identified this malware on November 25, 2025, disguised as a security application from mBank, one of…
2.15M Next.js Web Services Exposed Online, Active Attacks Reported – Update Immediately
Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React Server Components (RSC) and has a maximum CVSS score of 10, the highest possible rating,…
Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads
A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file, according to a security advisory published by Apache maintainers. Tracked as CVE-2025-66516, the flaw affects Apache Tika core, Apache Tika parsers, and the Apache Tika PDF…
MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows
The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading traditional network defenses. Recent intelligence gathered by FortiGuard Labs reveals coordinated campaigns targeting high-value victims…
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security researchers have documented an evolving threat that leverages social engineering and evasion techniques to avoid…
Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation
SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, allow local attackers to trigger pool overflows for privilege escalation…
NCSC Launches Proactive Notification Service to Alert System Owners of Vulnerabilities
The UK’s National Cyber Security Centre (NCSC) has introduced a new initiative designed to protect organisations from cyber threats. Working alongside Netcraft, the NCSC has launched the Proactive Notification Service, a groundbreaking program that identifies and alerts system owners about security…
Hackers Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells
A critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August 2025. According to alerts from JPCERT/CC, threat actors are leveraged the vulnerability to install webshells…
Russian Calisto Hackers Target NATO Research with ClickFix Malware
Russian intelligence-linked cyber threat actors have intensified their operations against NATO research organizations, Western defense contractors, and NGOs supporting Ukraine, employing sophisticated phishing and credential harvesting techniques. The Calisto intrusion set, attributed to Russia’s FSB intelligence service, has escalated its…
Russian Hackers Imitate European Events in Coordinated Phishing Campaigns
Russian state-linked hackers are impersonating high-profile European security conferences to compromise cloud email and collaboration accounts at governments, think tanks, and policy organizations, according to new research from cybersecurity firm Volexity. The campaigns, active through late 2025, abuse legitimate Microsoft…
Hackers Using CastleRAT Malware to Attack Windows Systems and Gain Remote Access
The cybersecurity landscape continues to evolve as threat actors deploy increasingly sophisticated tools to compromise Windows-based infrastructure. CastleRAT, a Remote Access Trojan that emerged around March 2025, represents a significant addition to the malware arsenal that defenders must now contend…
New SVG Technique Enables Highly Interactive Clickjacking Attacks
A security researcher has unveiled a novel web exploitation technique dubbed “SVG clickjacking,” which significantly elevates the sophistication of traditional user-interface redress attacks. Unlike standard clickjacking, which typically involves tricking users into clicking a hidden button on a static overlay,…
New Stealthy Linux Malware Merges Mirai-based DDoS Botnet with Fileless Cryptominer
Cybersecurity researchers uncover a sophisticated Linux campaign that blends legacy botnet capabilities with modern evasion techniques. A newly discovered Linux malware campaign is demonstrating the evolving sophistication of threat actors by combining Mirai-derived distributed denial-of-service (DDoS) functionality with a stealthy,…
CISA, NSA Alert on BRICKSTORM Malware Targeting VMware ESXi and Windows Systems
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued a joint alert warning of a sophisticated new malware campaign dubbed “BRICKSTORM.” According to the advisory released, state-sponsored hackers from…
Akamai Fixes HTTP Request Smuggling Flaw in Edge Servers
Akamai has fixed a vulnerability in its edge servers that could have allowed HTTP Request Smuggling attacks. The issue was entirely resolved on November 17, 2025, and the company says no action is needed from customers. The flaw is now…
Sryxen Malware Uses Headless Browser Trick to Bypass Chrome Protections
A new Windows-focused information stealer dubbed “Sryxen” is drawing attention in the security community for its blend of modern browser credential theft and unusually aggressive anti-analysis protections. Sold as malware-as-a-service (MaaS) and written in C++ for 64-bit Windows, Sryxen targets…