CYFIRMA’s Research and Advisory team has identified a new strain of ransomware labeled “Nnice,” following the continuous monitoring of underground forums as part of its Threat Discovery Process. This ransomware specifically targets Windows systems, utilizing advanced encryption methods and employing…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection
The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers to launch increasingly sophisticated phishing campaigns. One such advanced PhaaS platform, Tycoon, has seen widespread use since its emergence in August 2023. In November 2024, it…
GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits
Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also come with a dark side. Cybercriminals are increasingly exploiting AI for malicious purposes, as evidenced by the emergence of uncensored chatbots like WormGPT, WolfGPT, and EscapeGPT.…
Microsoft Unveils New Identity Secure Score Recommendations in General Availability
Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational security and providing actionable insights to mitigate risks. The Identity Secure Score recommendations are designed to act as a trusted…
Hackers Deliver Ransomware on Windows Via Microsoft Teams Voice Calls
Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat actor clusters exploiting Microsoft Office 365 to target organizations. Identified as STAC5143 and STAC5777, these clusters use advanced social engineering tactics, such as email bombing, fake…
SonicWall Arbitrary OS Commands Execution Vulnerability Exploited in Attacks
A critical vulnerability in SonicWall’s SMA1000 series tracked as CVE-2025-23006, has come under active exploitation by threat actors. SonicWall’s PSIRT (Product Security Incident Response Team) has issued an urgent advisory urging users to update their systems immediately to mitigate risks. Details…
AI Assistant Jailbreaked to Reveal its System Prompts
Anonymous tinkerer claims to have bypassed an AI assistant’s safeguards to uncover its highly confidential system prompt—the underlying instructions shaping its behavior. The breach, achieved through creative manipulation rather than brute force, has sparked conversations about the vulnerabilities and ethical…
Murdoc Botnet Exploiting AVTECH Cameras & Huawei Routers to Gain Complete Control
Researchers have identified an active malware campaign involving a Mirai botnet variant, dubbed Murdoc, which has been targeting AVTECH cameras and Huawei HG532 routers since at least July 2024. Mass Campaign Leveraging Two Key Vulnerabilities The campaign exploits two known…
Open-Source ClamAV Releases Security Update for Buffer Overflow Vulnerability – Patch Now
ClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128). The vulnerability, identified in the OLE2 file parser, posed a potential risk of denial-of-service (DoS) attacks. Users are urged to…
Rails Apps Arbitrary File Write Vulnerability Let Attackers Execute Code Remotely
A newly exposed vulnerability in Ruby on Rails applications allows attackers to achieve Remote Code Execution (RCE) through a flaw that permits arbitrary file writing. This vulnerability, which leverages the Rails library Bootsnap, underscores the critical importance of secure file handling…
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code…
New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies
A new attack technique known as the “cookie sandwich” has surfaced, raising significant concerns among cybersecurity professionals. This technique enables attackers to bypass the HttpOnly flag and access sensitive cookies, potentially exposing vulnerable applications to data theft and session hijacking.…
WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking
Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled Easy Real Estate plugin are exposed to critical security vulnerabilities. These vulnerabilities allow unauthenticated attackers to escalate privileges, take over…
Cisco Warns of Meeting Management API Privilege Escalation Vulnerability
Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API. The flaw tracked as CVE-2025-20156, allows a remote, authenticated attacker with low privileges to elevate their access to administrator-level control on affected devices, posing…
The Growing Role of AI-Powered SAST in the Developer Toolkit
In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the need for fast and secure development practices has never been greater. Static Application Security Testing (SAST) plays a big role…
Ex-CIA Analyst Pleaded Guilty For Leaking Top Secret National Defense Information
A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining and transmitting Top Secret National Defense Information to unauthorized recipients. This alarming breach of national security came to light after classified information was publicly posted on…
Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet
The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October 29, 2024, peaking at an astonishing 5.6 terabits per second (Tbps). This mega surge of malicious traffic targeted a Cloudflare customer, an Internet Service Provider (ISP)…
Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations
The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights into vulnerabilities impacting Traffic Alert and Collision Avoidance Systems (TCAS) II, Siemens SIMATIC S7-1200 CPUs, and ZF Roll Stability Support…
IBM i Access Client Solutions Might Be Leaking Your Passwords
A potential security flaw in IBM i Access Client Solutions (ACS) has raised serious concerns about password leakage, leaving users vulnerable to exploitation. Research published yesterday by a vulnerability assessment team revealed that the *WINLOGON authentication feature in IBM ACS…
Security Researchers Discover Critical RCE Vulnerability, Earn $40,000 Bounty
Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution (RCE). Their discovery earned a massive $40,000 bounty from the targeted organization’s bug bounty program. The team documented their step-by-step…