Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A Data Leak Site (DLS) belonging to a new extortion group named Morpheus, which has stolen data from Arrotex Pharmaceuticals (Australia) on December 12th and PUS GmbH (Germany) on December 20th.  Morpheus offers stolen data for sale on the DLS,…

Read more →

Malicious packages “solanacore,” “solana login,” and “walletcore-gen” on npmjs target Solana developers with Windows trojans and malware for keylogging and data exfiltration via Slack webhooks and ImgBB APIs. These recently discovered crypto-stealers exhibit unusual transparency, openly revealing their malicious intent…

Read more →

is this website safe? In this digital world, Check a website is safe is the most critical concern since there are countless malicious websites available everywhere over the Internet, and it is tough to find a trustworthy website.  We need…

Read more →

GitLab has announced the release of critical updates to its Community Edition (CE) and Enterprise Edition (EE), specifically versions 17.7.1, 17.6.3, and 17.5.5. These updates are essential for maintaining security and stability across all self-managed GitLab installations and should be…

Read more →

A series of serious vulnerabilities have been identified in Palo Alto Networks’ Expedition migration tool, which could allow attackers to gain unauthorized access to sensitive data, including cleartext passwords and device configurations. The vulnerabilities, detailed in multiple Common Vulnerabilities and…

Read more →

The Wireshark development team announced the release of Wireshark version 4.4.3, a critical update that brings several bug fixes and enhancements to this widely used network protocol analyzer. Renowned for its ability to troubleshoot, analyze, and educate users about network…

Read more →

Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products. This advisory reveals the existence of two significant vulnerabilities, CVE-2025-0282 and CVE-2025-0283, which have been exploited in the wild, necessitating immediate action…

Read more →

Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic packing, integrating N-day vulnerabilities, and ultimately leveraging a 0-day vulnerability in Four-Faith industrial routers.  By November…

Read more →

Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations.  It employs advanced malware, spearphishing, and social engineering tactics to infiltrate target networks and exfiltrate sensitive data,…

Read more →

Gravy Analytics, a prominent player in location intelligence, has reportedly fallen victim to a significant cyberattack. Initial investigations suggest that hackers have exfiltrated sensitive data, raising concerns over consumer privacy and data security. Founded to enhance business decision-making through location-based…

Read more →

Google has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264 for Linux. This update addresses a series of critical security vulnerabilities and will be rolled out gradually over the coming…

Read more →

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred. Both groups now leverage similar tactics, techniques, and procedures (TTP) in their cyber operations, resulting in a complex landscape where motivations and objectives often intersect. This article delves…

Read more →

Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for its alleged failure to secure sensitive personal information of over 2 million residents. This lawsuit comes in the wake of a massive data breach that exposed…

Read more →

A recent investigation revealed that the Akira and Fog ransomware groups are actively exploiting the SonicWall NSA vulnerability (CVE-2024-40766) to compromise organizations.  As of December 23, 2024, over 100 companies are suspected to have been victimized by these groups through…

Read more →

A browser extension named PRIVESHIELD automatically creates isolated profiles to group websites based on browsing history and user interaction, which disrupts cross-website tracking practices by preventing cookie-matching methods used for targeted advertising.  The evaluation results show that PRIVESHIELD is more…

Read more →

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and SMTP, offering a comprehensive suite of features designed for security, performance, and scalability. Built with Rust, Stalwart stands out for its modern architecture that emphasizes safety…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of critical vulnerabilities in various software, particularly spotlighting an unspecified vulnerability in Oracle WebLogic Server. This announcement comes as part of CISA’s efforts to enhance…

Read more →

In an age where digital footprints can be traced with just a few clicks, surveillance technology has become a double-edged sword. While it can enhance security and improve services, it also poses significant privacy concerns. One of the most formidable…

Read more →

Researchers discovered critical BIOS/UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, where the device utilizes an outdated firmware implementation with CSM mode lacking essential security features like Secure Boot and firmware write protections.   The vulnerability window allows attackers to…

Read more →

Researchers observed a URL attempts to exploit a server-side vulnerability by executing multiple commands through PHP’s system() function. It downloads a malicious executable from a remote server, executes it locally, and attempts to download the same executable using wget while…

Read more →