The Cybersecurity and Infrastructure Security Agency (CISA) has included a critical deserialization vulnerability affecting Sitecore CMS and Experience Platform (XP). This vulnerability, tracked as CVE-2019-9874, allows unauthenticated attackers to execute arbitrary code by manipulating HTTP POST parameters, specifically the __CSRFTOKEN…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
A recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit…
New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants
Security researchers at SentinelOne have discovered that ReaderUpdate, a macOS malware loader platform that has been active since at least 2020, has significantly evolved with new variants written in multiple programming languages. The malware, which previously went relatively unnoticed by…
Advanced CoffeeLoader Malware Evades Security to Deliver Rhadamanthys Shellcode
Security researchers at Zscaler ThreatLabz have identified a new sophisticated malware family called CoffeeLoader, which emerged around September 2024. This advanced loader employs numerous techniques to bypass security solutions and evade detection while delivering second-stage payloads, particularly the Rhadamanthys stealer.…
CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories
A recent discovery has revealed a potential supply chain attack vulnerability in GitHub’s CodeQL repositories, which could have led to wide-ranging consequences for hundreds of thousands of GitHub users. The exploit hinges on a publicly exposed secret found in a…
OpenAI Offers Up to $100,000 for Critical Infrastructure Vulnerability Reports
OpenAI has announced major updates to its cybersecurity initiatives. The company is expanding its Security Bug Bounty Program, increasing the maximum reward for critical vulnerability reports to $100,000, up from $20,000 previously. This enhanced program aims to attract top security…
Exim Use-After-Free Vulnerability Enables Privilege Escalation
A significant security threat has been uncovered in Exim, a popular open-source mail transfer agent (MTA) widely used in Linux distributions. Identified as CVE-2025-30232, this vulnerability allows for a potentially severe form of exploitation known as a use-after-free (UAF). This…
12 Cybercriminals Arrested After Ghost Communication Platform Shutdown
Law enforcement agencies have successfully dismantled a clandestine communication platform known as “Ghost,” which was used by cybercriminals to coordinate illicit activities. This significant crackdown resulted in the arrest of 12 key suspects, marking a major victory in the fight…
Splunk RCE Vulnerability Enables Remote Code Execution via File Upload
A severe vulnerability in Splunk Enterprise and Splunk Cloud Platform has been identified, allowing for Remote Code Execution (RCE) via file uploads. This exploit can be triggered by a low-privileged user, highlighting significant security risks for affected organizations. Vulnerability Overview:…
Pakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android Users
A Pakistan-based Advanced Persistent Threat (APT) group, likely APT36, has launched a multi-platform cyberattack campaign targeting Indian users through a fraudulent website impersonating the Indian Post Office. The attack, discovered by CYFIRMA researchers, exploits both Windows and Android vulnerabilities, demonstrating…
B1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for Free
In a significant escalation of illicit activities, B1ack’s Stash, a notorious dark web carding marketplace, has announced plans to release an additional 4 million stolen credit card records for free. This move is part of a broader strategy to attract…
Hackers Exploit COM Objects for Fileless Malware and Lateral Movement
Security researchers Dylan Tran and Jimmy Bayne have unveiled a new fileless lateral movement technique that exploits trapped Component Object Model (COM) objects in Windows systems. This method, based on research by James Forshaw of Google Project Zero, allows attackers…
Threat Actors Use “Atlantis AIO” Tool to Automate Credential Stuffing Attacks
In a concerning development for cybersecurity professionals, threat actors are increasingly utilizing a powerful tool called Atlantis AIO to automate and scale credential stuffing attacks across more than 140 platforms. This multi-checker tool, designed to exploit stolen user credentials, has…
New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access
A new malware strain called IOCONTROL has emerged, posing a significant threat to Internet of Things (IoT) devices and operational technology (OT) systems, particularly those in critical infrastructure. First observed in December 2024, IOCONTROL is allegedly created by the anti-Israeli…
Production Line Camera Flaws Allow Hackers to Disable Recordings
Nozomi Networks Labs has uncovered four severe vulnerabilities in the Inaba Denki Sangyo Co., Ltd. IB-MCT001, a camera widely used in Japanese production plants for recording production stoppages. These security flaws, which remain unpatched, pose significant risks to industrial environments,…
YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic
A new wave of cyberattacks is targeting YouTube creators, leveraging fake brand collaboration offers to distribute malware. Cybersecurity firm CloudSEK has uncovered a sophisticated phishing campaign that employs the “Clickflix” technique to deceive content creators and compromise their systems. The…
Windows MMC Framework Zero-Day Exploited to Execute Malicious Code
Trend Research has uncovered a sophisticated campaign by the Russian threat actor Water Gamayun, exploiting a zero-day vulnerability in the Microsoft Management Console (MMC) framework. The vulnerability, dubbed MSC EvilTwin (CVE-2025-26633), allows attackers to execute malicious code on infected machines.…
CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access
Both CrushFTP, a popular file transfer technology, and Next.js, a widely used React framework for building web applications, have come under scrutiny due to significant vulnerabilities. Rapid7 has highlighted these issues, emphasizing their potential impact on data security and unauthorized…
Cloudflare Attributes Service Outage to Faulty Password Rotation
Cloudflare experienced a significant service outage that affected several of its key offerings, including R2 object storage, Cache Reserve, Images, Log Delivery, Stream, and Vectorize. The incident, which lasted 1 hour and 7 minutes, was traced back to a faulty…
Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server
Users of the Veeam Backup Server have encountered a significant issue following the Windows 11 24H2 update. Specifically, the update has disrupted the connection between Veeam Recovery Media and the Veeam Backup Server. This problem affects users who have created…