Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering defenders with advanced threat analysis, vulnerability assessment, and incident response capabilities. The experimental system, developed by a team led by Elie Burzstein and Marianna Tishchenko,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation
The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, from Kosovo to face charges in the Western District of Pennsylvania for their alleged roles as administrators of the Rydox cybercrime marketplace. The Rydox…
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 – Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow…
Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials
A surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation. These scams, which have been hitting users’ phones in waves, are part of a sophisticated campaign leveraging a platform called Lucid. Cybercriminals…
PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack
A sophisticated phishing campaign, dubbed “PoisonSeed,” has been identified targeting customer relationship management (CRM) and bulk email providers to facilitate cryptocurrency-related scams. The threat actors behind this campaign are leveraging compromised credentials to export email lists and send bulk phishing…
EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures
EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational security (OPSEC) failures and extensive reliance on ChatGPT for its operations. This emerging threat actor has been linked to ransomware campaigns, data theft, and the…
Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how threat actors are leveraging fake recruitment emails to distribute malicious payloads. The attackers impersonated Dev.to, a prominent developer community, and lured victims with promises of…
Malicious PyPI Package Targets E-commerce Sites with Automated Carding Script
Cybersecurity researchers from Socket have exposed a malicious Python package on PyPI, named disgrasya, designed to automate credit card fraud on WooCommerce-based e-commerce sites. Unlike conventional supply chain attacks that rely on deception or typosquatting, disgrasya was overtly malicious, leveraging…
DeepSeek-R1 Prompts Abused to Generate Advanced Malware and Phishing Sites
The release of DeepSeek-R1, a 671-billion-parameter large language model (LLM), has sparked significant interest due to its innovative use of Chain-of-Thought (CoT) reasoning. CoT reasoning enables the model to break down complex problems into intermediate steps, enhancing performance on tasks…
Beware of Clickfix: ‘Fix Now’ and ‘Bot Verification’ Lures Deliver and Execute Malware
A sophisticated browser-based malware delivery method, dubbed ClickFix, has emerged as a significant threat to cybersecurity. Leveraging deceptive prompts like “Fix Now” and “Bot Verification,” ClickFix tricks users into executing malicious commands by exploiting familiar system actions. This technique bypasses…
Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks
As the United States approaches Tax Day on April 15, cybersecurity experts have uncovered a series of sophisticated phishing campaigns leveraging tax-related themes to exploit unsuspecting users. Microsoft has identified these campaigns as employing advanced redirection techniques such as URL…
State Bar of Texas Confirms Data Breach, Begins Notifying Affected Consumers
The State Bar of Texas has confirmed a data breach following the detection of unauthorized activity on its network earlier this year. According to an official notice, the breach occurred between January 28, 2025, and February 9, 2025, during which…
Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads
Ivanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This buffer overflow vulnerability enables attackers to achieve remote code execution when exploited successfully. Security researchers from Mandiant and Ivanti have…
Top 20 Best Open-Source SOC Tools in 2025
As cyber threats continue to evolve, Security Operations Centers (SOCs) require robust tools to detect, analyze, and respond to incidents effectively. Open-source SOC tools provide cost-effective, customizable, and community-supported solutions for organizations of all sizes. In this article, we’ll explore…
Hackers Exploit Fast Flux to Evade Detection and Obscure Malicious Servers
Cybersecurity agencies worldwide have issued a joint advisory warning against the growing threat posed by “fast flux,” a sophisticated technique used by malicious actors to evade detection and obscure the locations of their command-and-control (C2) servers. The advisory, released by…
Oracle Reports Data Breach, Initiates Client Notifications
Oracle Corporation has confirmed a data breach involving its older Gen 1 servers, marking its second cybersecurity incident disclosed in recent weeks. This breach underscores vulnerabilities in legacy systems and raises concerns about the company’s ability to safeguard sensitive client…
Vite Development Server Flaw Allows Attackers Bypass Path Restrictions
A critical security vulnerability, CVE-2025-31125, has been identified in the Vite development server. Due to improper path verification during URL request processing, attackers can bypass path restrictions and gain unauthorized access to arbitrary files on affected servers. This flaw is particularly…
Malicious PDFs Responsible for 22% of All Email-Based Cyber Threats
Malicious PDF files have emerged as a dominant threat vector in email-based cyberattacks, accounting for 22% of all malicious email attachments, according to a recent report by Check Point Research. With over 87% of organizations relying on PDFs for business…
New Android Spyware Tricks Users by Demanding Passwords for Uninstallation
A newly identified Android spyware app is elevating its tactics to remain hidden and unremovable by leveraging a password prompt for uninstallation. This unsettling feature effectively blocks users from removing the app unless the correct password—set by the person who…
Critical Apache Parquet Vulnerability Allows Remote Code Execution
A severe vulnerability has been identified in the Apache Parquet Java library, specifically within its parquet-avro module. This flaw, tracked as CVE-2025-30065, exposes systems to potential Remote Code Execution (RCE) attacks. It has been rated Critical with a CVSS score of 10.0, indicating the highest level of…