Cybersecurity researchers have identified a concerning development in the underground cybercrime marketplace: a sophisticated Remote Access Trojan (RAT) being marketed as a fully undetectable (FUD) alternative to the legitimate ScreenConnect remote access solution. This emerging threat represents a significant escalation…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Deploy New EDR-Freeze Tool to Disable Security Software
A security researcher has released a new tool that can temporarily disable endpoint detection and response (EDR) systems and antivirus software without requiring vulnerable drivers, marking a significant evolution in attack techniques targeting security solutions. Advanced Evasion Through Windows Components…
MalTerminal: New GPT-4-Powered Malware That Writes Its Own Ransomware
A groundbreaking discovery in cybersecurity research has revealed the emergence of ‘MalTerminal’, potentially the earliest known example of Large Language Model (LLM)-enabled malware that leverages OpenAI’s GPT-4 API to dynamically generate ransomware code and reverse shells at runtime. This discovery represents…
New Botnet Exploits Simple DNS Flaws That Leads to Massive Cyber Attack
Cybersecurity researchers have uncovered a sophisticated Russian botnet operation that leveraged DNS misconfigurations and compromised MikroTik routers to deliver malware through massive spam campaigns. The discovery reveals how threat actors exploited simple DNS errors to bypass email security protections and…
Top 10 Best API Security Testing Companies in 2025
In today’s rapidly evolving digital landscape, APIs (Application Programming Interfaces) have become the backbone of online business, connecting services, and enabling new customer experiences. However, as the API footprint grows, so does the attack surface making robust API security testing…
HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks
A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The flaw, tracked as CVE-2025-59340, carries the maximum CVSS score of 10.0, indicating the severity of the…
AI-Driven Phishing Attacks: Deceptive Tactics to Bypass Security Systems
Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead to phishing websites. This ploy misleads users and evades security tools. Victims are first shown a…
Luxury Jeweler Tiffany Reports Data Breach Exposing User Personal Data
Luxury jeweler Tiffany and Company has confirmed a data breach that exposed the personal information of 2,590 customers. The company discovered unauthorized access to an external system on September 9, 2025, but determined the incident first occurred on May 12, 2025.…
Nokia CBIS/NCS Manager API Vulnerability Allows Attackers to Bypass Authentication
On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and NCS (Nokia Container Service) Manager API (CVE-2023-49564). With a CVSS 3.1 score of 9.6 (AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), the vulnerability poses a severe…
UK Police Arrest Two Scattered Spider Hackers Over London Transport Breach
UK law enforcement agencies have arrested two individuals linked to the notorious Scattered Spider cybercriminal group. The arrests, announced on Tuesday, pertain to a sophisticated attack on London’s transport systems. Authorities say the suspects infiltrated critical infrastructure networks, demanding ransom…
Russian Hacking Groups Gamaredon and Turla Target Organizations to Deliver Kazuar Backdoor
Silhouetted hooded figures represent Russian hackers operating under the auspices of the FSB against targeted organizations. Two prominent Russian state-sponsored hacking groups, Gamaredon and Turla, have been observed collaborating in sophisticated cyberattacks targeting Ukrainian organizations to deploy the advanced Kazuar…
CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware
Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities—CVE-2025-4427 and CVE-2025-4428—to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2…
Weaponized ScreenConnect App Spreads AsyncRAT and PowerShell RAT
Remote Monitoring and Management tools such as ConnectWise ScreenConnect have earned a reputation for simplifying IT administration, but they have also drawn the attention of sophisticated attackers. By abusing ScreenConnect’s trusted installation footprint and deep system privileges, adversaries are now…
New iOS Video Injection Tool Bypasses Biometric Locks on Jailbroken iPhones
A newly discovered video injection tool for iOS devices that have been jailbroken poses a serious threat to modern digital identity verification. Developed to run on iOS 15 or later, this highly specialized toolkit can circumvent weak biometric checks and…
Russian Airline Hit by Cyberattack, Website and Systems Disrupted
Russian regional carrier KrasAvia is grappling with a major IT outage after what appears to be a cyberattack. Passengers have been unable to buy tickets online, and flight operations have been forced to switch to manual procedures. The airline confirmed…
Windows 11 Notepad to Receive AI Upgrade for Free Text Writing and Summarizing
Microsoft has announced a significant upgrade to Windows 11 Notepad, introducing powerful artificial intelligence features that will revolutionize how users create and edit text. The update brings AI-powered writing assistance directly to the classic text editor, offering capabilities previously available only in…
Cloudflare Confirms API Outage Caused by React useEffect Overload Issue
Cloudflare experienced a significant outage on September 12, 2025, affecting its Tenant Service API, multiple APIs, and the Cloudflare Dashboard. The company has confirmed that the incident was primarily triggered by a React programming bug that caused excessive API calls,…
Researchers Reveal Connection Between Belsen and ZeroSeven Cybercrime Groups
In a groundbreaking analysis, cybersecurity firm KELA reveals striking parallels in operational style, target selection, and online presence that suggest a possible connection between two Yemen-linked threat actors: the recently surfaced Belsen Group and the long-standing ZeroSevenGroup. Who Is the…
SystemBC Botnet Compromises 1,500 VPS Every Day to Rent Out for DDoS Attacks
SystemBC, a resilient socks5 malware network first spotted in 2019, has dramatically evolved its proxy infrastructure by compromising an average of 1,500 virtual private servers (VPS) each day. This shift from residential devices to large-scale VPS nodes grants threat actors…
New Loader “CountLoader” Uses PDFs to Launch Ransomware Attacks
Security researchers have uncovered a sophisticated new malware loader called “CountLoader” that leverages weaponized PDF files to deliver ransomware payloads to victims across multiple regions, with particular focus on Ukrainian targets. CountLoader represents a significant escalation in malware delivery techniques,…