A critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four accounting firms, was found publicly accessible on Microsoft Azure. The exposure was identified by security…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
PureHVNC RAT Distributed via Weaponized Judicial Documents
The campaign leverages judicial document themes to distribute Hijackloader malware, which subsequently deploys PureHVNC remote access trojan (RAT)—marking the first observed instance where this combination has been used against Spanish-speaking users in Latin America. The campaign represents a significant tactical…
Google Publishes New Guide to Help Defenders Monitor Privileged Accounts
Google has released comprehensive guidance on protecting privileged accounts, recognizing that stolen credentials have become one of the most dangerous attack vectors facing modern organizations. The new recommendations address how attackers increasingly exploit these “keys to the kingdom” to breach…
Google Wear OS Flaw Lets Any App Send Texts on Behalf of Users
A critical vulnerability discovered in Google Messages for Wear OS has exposed millions of smartwatch users to a significant security risk. Identified as CVE-2025-12080, the flaw allows any installed application to send text messages on behalf of the user without…
New ‘Gentlemen’ RaaS Appears on Hacking Forums, Targeting Windows, Linux and ESXi
Threat intelligence researchers have identified a new ransomware-as-a-service (RaaS) operation called The Gentlemen’s RaaS, being actively recruited on underground hacking forums by an operator using the handle zeta88. The cross-platform threat represents a significant evolution in ransomware capabilities, offering attackers…
Hackers Allegedly Leak HSBC USA Customer and Financial Information
A threat actor has claimed responsibility for breaching HSBC USA, the American division of the global investment bank and financial services holding company. The cybercriminal posted an extensive database for sale on underground forums, alleging it contains fresh and comprehensive…
Cybercriminals Launch Flood of Fake Forex Platforms to Harvest Logins
Fraudulent investment platforms impersonating legitimate cryptocurrency and forex exchanges have emerged as the primary financial threat across Asia, with organized crime groups operating at unprecedented scale. These sophisticated scams leverage social engineering tactics to deceive victims into transferring funds to…
New TEE.fail Exploit Steals Secrets from Intel & AMD DDR5 Trusted Environments
Researchers have unveiled a groundbreaking attack dubbed “TEE.fail” that fundamentally compromises the security guarantees of Trusted Execution Environments (TEEs) from Intel and AMD by exploiting DDR5 memory architecture. The attack demonstrates how even the most advanced hardware-backed security features can…
Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
Tata Motors, India’s largest automaker and a major player in the global automotive industry, suffered a catastrophic data exposure that revealed over 70 terabytes of sensitive information through multiple security failures. The breaches, discovered in 2023, involved exposed AWS credentials…
Docker Compose Flaw Lets Attackers Overwrite Arbitrary Files
A path traversal vulnerability discovered in Docker Compose allows attackers to write arbitrary files to host systems through specially crafted OCI artifacts. Tracked as CVE-2025-62725, the flaw was discovered in early October 2025 and carries a high severity rating of…
CISA Issues Alert on Active Exploitation of Dassault Systèmes Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding two severe vulnerabilities discovered in Dassault Systèmes DELMIA Apriso, a widely used manufacturing execution system. The agency has added these flaws to its official list of…
10 NPM Packages That Automatically Run on Install and Steal Credentials
A sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential theft operation. The malware uses advanced obfuscation techniques, social engineering tactics, and cross-platform functionality to harvest sensitive authentication data from…
Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
A sophisticated ransomware operation known as Beast has emerged as a significant cybersecurity threat, employing aggressive network propagation tactics that leverage Server Message Block (SMB) port scanning to infiltrate and encrypt systems across enterprise environments. The threat group, which evolved…
XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw, tracked as CVE-2025-24893, represents a serious threat to organizations running unpatched XWiki installations. Cybersecurity researchers…
Gunra Ransomware Targets Windows and Linux with Dual Encryption
The cybersecurity landscape continues to face persistent threats from emerging ransomware groups, with Gunra representing a significant concern since its emergence in April 2025. This threat actor has launched systematic attacks across multiple industries and geographic regions, including documented incidents…
Mozilla Enforces Transparency Rules for Data Collection in New Firefox Extensions
Mozilla has announced a significant transparency initiative for its Firefox browser ecosystem, implementing mandatory data disclosure requirements for extension developers. Starting November 3rd, 2025, all newly submitted Firefox extensions must explicitly declare their data collection and transmission practices within their…
Ethical Prompt Injection: Fighting Shadow AI with Its Own Weapon
AI language models like ChatGPT, DeepSeek, and Copilot are transforming business operations at lightning speed. They help us generate documents, summarise meetings, and even make decisions faster than ever before. But this rapid adoption comes at a price. Employees often…
New Atroposia RAT Uses Hidden Remote Desktop, Vulnerability Scanning and Advanced Persistence
A sophisticated new remote access trojan called Atroposia has emerged in underground cybercrime marketplaces, offering attackers a comprehensive toolkit for hidden remote desktop access, credential theft, and network manipulation at an accessible price point. Security researchers at Varonis recently discovered…
Microsoft Issues Alert on ASP.NET Flaw Allowing HTTP Request Smuggling Attacks
Microsoft has released a critical security update addressing a severe vulnerability in ASP.NET Core that could enable attackers to execute HTTP request smuggling attacks. On October 14, 2025, the company issued patches for CVE-2025-55315, a security feature bypass flaw affecting…
Brida Introduces New Release Offering Complete Support for Latest Frida Integration
The Brida security testing toolkit has released version 0.6, marking a significant update that brings full compatibility with the latest Frida dynamic instrumentation framework. This new release addresses critical compatibility gaps that emerged after Frida’s major overhaul in May 2025,…