A malicious cyber campaign leveraging VenomRAT, a potent Remote Access Trojan (RAT), has been uncovered, posing a significant threat to unsuspecting users through a deceptive website mimicking Bitdefender’s Antivirus for Windows download page. The fraudulent domain, “bitdefender-download[.]com,” lures victims with…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Threat Actors Weaponizing DCOM to Harvest Credentials on Windows Systems
Threat actors are now leveraging the often-overlooked Component Object Model (COM) and its distributed counterpart, Distributed Component Object Model (DCOM), to harvest credentials on Windows systems. As traditional red team methods like direct access to the Local Security Authority Subsystem…
Emerging FormBook Malware Threatens Windows Users with Complete System Takeover
A critical cybersecurity threat has surfaced targeting Microsoft Windows users, as detailed in the latest analysis of the FormBook malware. Documented in Part II of a comprehensive FormBook analysis blog, this malware variant poses a severe risk by enabling attackers…
Hackers Circulate Over 93 Billion Stolen User Cookies on the Dark Web
Web cookies, those ubiquitous pop-ups we routinely dismiss with a click, are small text files stored on your device by websites you visit. While cookies are essential for a seamless browsing experience—remembering your login, shopping cart, or language preferences—they also…
Robinhood Ransomware Operator Arrested for Attacks on Government and Private Networks
On May 27, 2025, Iranian national Sina Gholinejad, 37, pleaded guilty in a North Carolina federal court to charges of computer fraud and conspiracy to commit wire fraud, admitting his central role in the international Robbinhood ransomware campaign that targeted…
CISA Releases Executive Guide on SIEM and SOAR Platforms for Rapid Threat Detection
In today’s rapidly evolving threat landscape, Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms have become foundational to organizational cybersecurity strategies. SIEM platforms collect, centralize, and analyze log data from diverse sources, such as…
MATLAB, Serving Over 5 Million Users, Hit by Ransomware Attack
MathWorks, the renowned developer of MATLAB and Simulink, has been grappling with the aftermath of a significant ransomware attack that began on Sunday, May 18, 2025. The incident, which affected both customer-facing and internal IT systems, prompted immediate notification to…
CISA Publishes ICS Advisories Highlighting New Vulnerabilities and Exploits
On May 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a new Industrial Control Systems (ICS) advisory—ICSA-25-146-01—highlighting a significant security vulnerability in the Johnson Controls iSTAR Configuration Utility (ICU) Tool. This tool is widely deployed for configuring and…
Chrome Security Patch Addresses High-Severity Vulnerabilities Enabling Code Execution
The Chrome team at Google has officially released Chrome 137 to the stable channel for Windows, Mac, and Linux platforms. This update, version 137.0.7151.55/56, brings a host of security improvements, bug fixes, and technical enhancements, reinforcing Chrome’s position as a…
Zero-Interaction libvpx Flaw in Firefox Allows Attackers to Run Arbitrary Code
Mozilla has released Firefox 139, addressing several critical and moderate security vulnerabilities that posed significant risks to users. The update, announced on May 27, 2025, resolves issues ranging from memory corruption and local code execution to cross-origin data leaks, reinforcing…
Threat Actors Use Fake DocuSign Notifications to Steal Corporate Data
DocuSign has emerged as a cornerstone for over 1.6 million customers worldwide, including 95% of Fortune 500 companies, and boasts a user base exceeding one billion. However, this widespread adoption has made DocuSign a prime target for cybercriminals. Leveraging the…
Government Calls on Organizations to Adopt SIEM and SOAR Solutions
In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation and prioritization of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. These resources aim…
Hackers Use Fake OneNote Login to Capture Office365 and Outlook Credentials
A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian and U.S. users, utilizing a chain of free cloud platforms and Telegram bots for credential harvesting and data exfiltration. The attack typically begins with a phishing…
Microsoft Alerts on Void Blizzard Hackers Targeting Telecommunications and IT Sectors
Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as Void Blizzard, also known as LAUNDRY BEAR. Assessed with high confidence to be Russia-affiliated, Void…
WordPress TI WooCommerce Wishlist Plugin Flaw Puts Over 100,000 Websites at Risk of Cyberattack
A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a widely used WordPress extension with over 100,000 active installations. This plugin enables WooCommerce store owners to integrate wishlist functionality into their online shops, often alongside other…
APT36 and Sidecopy Hackers Target India’s Critical Infrastructure with Malware Attacks
Seqrite Labs, India’s largest malware analysis facility, has uncovered a sophisticated campaign dubbed Operation Sindoor, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy. Launched on May 7, 2025, this state-sponsored Advanced Persistent Threat (APT) activity, combined with coordinated hacktivist operations,…
Hackers Exploit Craft CMS Vulnerability to Inject Cryptocurrency Miner Malware
Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense in mid-February 2025 and publicly disclosed on April 25, 2025, this flaw carries a maximum…
Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs
The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government agencies, and media organizations across North America, South America, Europe, and East Asia. Initiated in…
Iranian Cybergroup Toufan Targets Organizations to Steal Login Credentials
A pro-Palestinian cybergroup called Cyber Toufan, which means “cyber storm,” has become a serious threat to Israeli groups in the changing digital battlefield of the Israel-Gaza war. Over the past year, this ideologically driven group has orchestrated over 100 breaches,…
Windows 11 Notepad Introduces AI-Powered Writing with Copilot Integration
Microsoft’s venerable Notepad, a staple of Windows since the 1980s, is undergoing its most significant transformation yet. With the latest Windows 11 Insider builds, Notepad now features integrated generative AI, turning the once-basic text editor into a creative and technical…