The cybersecurity landscape witnessed a surge in ransomware activity during the latter half of 2024 and into early 2025, with the emergence of operations like HellCat and Morpheus. Alongside their rise, notable groups such as FunkSec, Nitrogen, and Termite gained…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
370+ Ivanti Connect Secure Exploited Using 0-Day Vulnerability
A major cybersecurity incident has come to light, with more than 370 Ivanti Connect Secure (ICS) devices reportedly compromised through the exploitation of a zero-day vulnerability, CVE-2025-0282. This alarming development, revealed by the shadowserver.org security analysts, highlights escalating risks tied…
BASHE Ransomware Allegedly Leaked ICICI Bank Customers Data
A major cyber threat looms over Indian financial giant ICICI Bank as the notorious BASHE ransomware group, also known as Eraleign (APT73), claims responsibility for a significant data breach. The group has allegedly obtained sensitive customer information and set a…
North Korean IT Workers Steal Companies Source Codes to Demand Ransomware
The Federal Bureau of Investigation (FBI) has issued fresh warnings about malicious activities by North Korean IT workers targeting U.S.-based businesses. According to the latest update, these IT workers are reportedly engaging in data extortion and stealing sensitive proprietary information,…
Zero-Click Outlook RCE Vulnerability (CVE-2025-21298), PoC Released
Microsoft issued a critical patch to address CVE-2025-21298, a zero-click Remote Code Execution (RCE) vulnerability in Windows Object Linking and Embedding (OLE). This flaw exploits a double-free bug in the ole32.dll library, putting millions of systems at risk with minimal…
Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks
A new report has put the spotlight on potential security vulnerabilities within the popular open-source framework Next.js, demonstrating how improper caching mechanisms can lead to critical server-side cache poisoning attacks. Developed by Vercel, Next.js remains a cornerstone for building server-rendered…
New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies
The “Cookie Sandwich Attack” showcases a sophisticated way of exploiting inconsistencies in cookie parsing by web servers. This technique allows attackers to manipulate HTTP cookie headers to expose sensitive session cookies, including those marked with the HttpOnly flag, making it…
Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques
CYFIRMA’s Research and Advisory team has identified a new strain of ransomware labeled “Nnice,” following the continuous monitoring of underground forums as part of its Threat Discovery Process. This ransomware specifically targets Windows systems, utilizing advanced encryption methods and employing…
Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection
The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers to launch increasingly sophisticated phishing campaigns. One such advanced PhaaS platform, Tycoon, has seen widespread use since its emergence in August 2023. In November 2024, it…
GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits
Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also come with a dark side. Cybercriminals are increasingly exploiting AI for malicious purposes, as evidenced by the emergence of uncensored chatbots like WormGPT, WolfGPT, and EscapeGPT.…
Microsoft Unveils New Identity Secure Score Recommendations in General Availability
Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational security and providing actionable insights to mitigate risks. The Identity Secure Score recommendations are designed to act as a trusted…
Hackers Deliver Ransomware on Windows Via Microsoft Teams Voice Calls
Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat actor clusters exploiting Microsoft Office 365 to target organizations. Identified as STAC5143 and STAC5777, these clusters use advanced social engineering tactics, such as email bombing, fake…
SonicWall Arbitrary OS Commands Execution Vulnerability Exploited in Attacks
A critical vulnerability in SonicWall’s SMA1000 series tracked as CVE-2025-23006, has come under active exploitation by threat actors. SonicWall’s PSIRT (Product Security Incident Response Team) has issued an urgent advisory urging users to update their systems immediately to mitigate risks. Details…
AI Assistant Jailbreaked to Reveal its System Prompts
Anonymous tinkerer claims to have bypassed an AI assistant’s safeguards to uncover its highly confidential system prompt—the underlying instructions shaping its behavior. The breach, achieved through creative manipulation rather than brute force, has sparked conversations about the vulnerabilities and ethical…
Murdoc Botnet Exploiting AVTECH Cameras & Huawei Routers to Gain Complete Control
Researchers have identified an active malware campaign involving a Mirai botnet variant, dubbed Murdoc, which has been targeting AVTECH cameras and Huawei HG532 routers since at least July 2024. Mass Campaign Leveraging Two Key Vulnerabilities The campaign exploits two known…
Open-Source ClamAV Releases Security Update for Buffer Overflow Vulnerability – Patch Now
ClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128). The vulnerability, identified in the OLE2 file parser, posed a potential risk of denial-of-service (DoS) attacks. Users are urged to…
Rails Apps Arbitrary File Write Vulnerability Let Attackers Execute Code Remotely
A newly exposed vulnerability in Ruby on Rails applications allows attackers to achieve Remote Code Execution (RCE) through a flaw that permits arbitrary file writing. This vulnerability, which leverages the Rails library Bootsnap, underscores the critical importance of secure file handling…
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code…
New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies
A new attack technique known as the “cookie sandwich” has surfaced, raising significant concerns among cybersecurity professionals. This technique enables attackers to bypass the HttpOnly flag and access sensitive cookies, potentially exposing vulnerable applications to data theft and session hijacking.…
WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking
Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled Easy Real Estate plugin are exposed to critical security vulnerabilities. These vulnerabilities allow unauthenticated attackers to escalate privileges, take over…