A recent snag in Google’s Chrome distribution process has left Windows users unable to install the browser on their Intel and AMD systems. The issue, first reported by Windows Latest on March 25, arises when users attempt to run the ChromeSetup.exe file,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors
In a significant development, cybersecurity firm Silent Push has identified nearly 200 unique command and control (C2) domains associated with the Raspberry Robin malware. This discovery sheds new light on the infrastructure used by this sophisticated threat actor group, which…
Critical NetApp SnapCenter Server Vulnerability Allows Attackers to Gain Admin Access
A critical vulnerability has been identified in NetApp’s SnapCenter Server, affecting versions before 6.0.1P1 and 6.1P1. This flaw allows an authenticated SnapCenter Server user to potentially escalate their privileges to admin on remote systems where SnapCenter plug-ins are installed. The…
North Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent Attacks
Security researchers have uncovered a new attack campaign by the North Korean state-sponsored APT group Kimsuky, also known as “Black Banshee.” The group, active since at least 2012, has been observed employing advanced tactics and malicious scripts in their latest…
Clevo Devices Vulnerable as Boot Guard Private Key Leaks via Firmware Updates
A recent investigation has revealed that several Clevo-based devices are vulnerable due to a leak of Boot Guard private keys. This vulnerability was first reported on the Win-Raid forum and involves firmware updates containing sensitive Boot Guard Key Manifest (KM)…
DrayTek Router Vulnerability Exploited in the Wild – Linked to Reboot Loop Issue
The cybersecurity world has been abuzz with reports of widespread reboots affecting DrayTek routers across the globe. While the exact cause of these reboots remains largely unconfirmed, GreyNoise has brought to light significant in-the-wild exploitation of several known vulnerabilities in…
Appsmith Developer Tool Vulnerability Exposes Systems to Remote Code Execution
A recent analysis by Rhino Security Labs has uncovered a series of critical vulnerabilities in the Appsmith developer tool, a platform used for building internal applications such as dashboards and customer support tools. The most severe of these vulnerabilities is…
Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild
Google has released an urgent update for its Chrome browser to patch a zero-day vulnerability known as CVE-2025-2783. This vulnerability has been actively exploited in targeted attacks, utilizing sophisticated malware to bypass Chrome’s sandbox protections. The update, version 134.0.6998.177 for…
CISA Highlights Four ICS Flaws Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) released four significant Industrial Control Systems (ICS) advisories, drawing attention to potential security risks and vulnerabilities affecting various industrial control equipment. These advisories underscore the imperative for prompt action to mitigate these threats,…
New Windows Zero-Day Vulnerability Exposes NTLM Credentials – Unofficial Patch Available
A new zero-day vulnerability has been discovered in Windows, impacting all versions from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2025. This vulnerability allows attackers to obtain NTLM credentials by tricking users into…
Malicious AI Tools See 200% Surge as ChatGPT Jailbreaking Talks Increase by 52%
The cybersecurity landscape in 2024 witnessed a significant escalation in AI-related threats, with malicious actors increasingly targeting and exploiting large language models (LLMs). According to KELA’s annual “State of Cybercrime” report, discussions about exploiting popular LLMs such as ChatGPT, Copilot,…
Cybercriminals Bypass Security Using Legitimate Tools & Browser Extensions to Deliver Malware
In the second half of 2024, cybercriminals have increasingly leveraged legitimate Microsoft tools and browser extensions to bypass security measures and deliver malware, according to Ontinue’s latest Threat Intelligence Report. Threat actors are exploiting built-in Microsoft features like Quick Assist…
New Phishing Campaign Targets Mac Users to Steal Login Credentials
A sophisticated phishing campaign, recently identified by LayerX Labs, has shifted its focus from Windows users to Mac users in response to enhanced security measures implemented by major browsers. Initially, this campaign targeted Windows users by masquerading as Microsoft security…
IDT Corporation Partners with AccuKnox for Zero Trust Runtime IoT/Edge Security
Menlo Park, United States, March 25th, 2025, CyberNewsWire FinTech and Communications Leader, IDT Corporation partners with AccuKnox to deploy runtime security-powered CNAPP (Cloud Native Application Protection Platform) for IoT/Edge Security. AccuKnox, Inc., announced that Telecom and FinTech Leader IDT Corporation has partnered with AccuKnox…
ARACNE: LLM-Powered Pentesting Agent Executes Commands on Real Linux Shell Systems
Researchers have introduced ARACNE, a fully autonomous Large Language Model (LLM)-based pentesting agent designed to interact with SSH services on real Linux shell systems. ARACNE is engineered to execute commands autonomously, marking a significant advancement in the automation of cybersecurity…
Researchers Compare Malware Development in Rust vs C and C++
Security researcher Nick Cerne from Bishop Fox has published findings comparing malware development in Rust versus traditional C/C++ languages. The research demonstrates how Rust provides inherent anti-analysis features that make malware more difficult to reverse engineer. According to Cerne’s analysis,…
Banking Malware Infects 248,000 Mobile Users Through Social Engineering Techniques
In 2024, the number of users affected by mobile banking malware skyrocketed to nearly 248,000, a staggering 3.6-fold increase from the previous year’s 69,000 affected users. This dramatic rise in malicious activity was particularly pronounced in the latter half of…
Active Roles Secures 2025 Cybersecurity Excellence Award for Hybrid AD Protection
Alisa Viejo, United States, March 25th, 2025, CyberNewsWire One Identity, a leader in unified identity security, today announced that One Identity Active Roles has been named a winner in the Hybrid Active Directory Protection category of the 2025 Cybersecurity Excellence Awards. This…
Gartner Names CYREBRO in Emerging Tech Report for Detection & Response Startups
Ramat Gan, Israel, March 25th, 2025, CyberNewsWire CYREBRO, the AI-native Managed Detection and Response (MDR), today announced its recognition as a leading detection and response startup in the Gartner report, Emerging Tech: Techscape for Detection and Response Startups. This acknowledgment…
ARMO Unveils First Cloud App Detection & Response Solution for Seamless Code-to-Cloud Security
Tel Aviv, Israel, March 25th, 2025, CyberNewsWire ARMO CADR minimizes the cloud attack surface, detects and responds to unknown and known cyberattacks while ensuring business continuity, combining the power of CDR and ADR solutions ARMO, the leading Cloud Runtime Security company…