SolarWinds Corporation has released an official security advisory in response to a significant data breach involving Salesforce systems. This resulted in unauthorized access to sensitive customer information through compromised OAuth tokens linked to the Salesloft Drift integration. Understanding the Breach…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
0-Click ChatGPT Agent Flaw Exposes Gmail Data to Attackers
Researchers have discovered a critical zero-click vulnerability in ChatGPT’s Deep Research agent that allows attackers to silently steal sensitive Gmail data without any user interaction. This sophisticated attack leverages service-side exfiltration techniques, making it invisible to traditional security defenses and representing a significant escalation…
Top 10 Best NGFW (Next‑Generation Firewall) Providers in 2025
Protecting digital infrastructure is critical in 2025, as cyber threats escalate in complexity and diversity. Next‑Generation Firewalls (NGFWs) have become the cornerstone for enterprise security, offering not just robust traffic filtering, but also deep packet inspection, advanced threat intelligence, and…
Tracking New Entrants in Global Spyware Markets
Lurking in the murky depths of the global marketplace for offensive cyber capabilities sits a particularly dangerous instrument—spyware. Spyware’s danger stems from its acute contribution to human rights abuses and national security risks. Most recently, NSO Group, a notorious spyware…
New ‘shinysp1d3r’ Ransomware-as-a-Service Targets VMware ESXi in Ongoing Development
EclecticIQ analysts assess with high confidence that ShinyHunters is expanding its operations by combining AI-enabled voice phishing, supply chain compromises, and leveraging malicious insiders, such as employees or contractors, who can provide direct access to enterprise networks. ShinyHunters is very…
SonicWall Advises Users to Reset Logins After Config Backup Leak
SonicWall has alerted its customers to reset all login credentials after a recent leak exposed firewall configuration backups. The vendor emphasizes three critical stages—containment, remediation, and monitoring—to minimize risk and restore secure access. Users should follow each stage in order,…
Insight Partners Confirms Data Breach Exposing Users’ Personal Data
Insight Partners, a global venture capital and private equity firm, has officially confirmed a significant data breach that exposed personal information of individuals connected to the company. The breach notification reveals sophisticated attack methods and a months-long timeline that has…
Splunk Publishes Guide to Spot Remote Work Fraud in Organizations
Splunk today unveiled a comprehensive guide designed to empower security teams to detect Remote Employment Fraud (REF) during the critical onboarding phase—when imposters have already passed through HR vetting and background checks and gained network access. Building on the inaugural…
Hackers Target Facebook Accounts in Latest Phishing Attack
A newly discovered phishing campaign is exploiting Facebook’s external URL warning feature to dupe users into handing over their login credentials. By abusing Facebook’s “You’re about to leave Facebook” redirect mechanism, attackers can conceal malicious URLs behind the social media…
PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi
A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections that users expect from their VPN service. The vulnerability affects both the graphical user interface (GUI…
Russian CopyCop Network Expands: 200+ Fake News Sites Target US, Canada, and France
The Russian covert influence network known as CopyCop has significantly expanded its disinformation operations, creating over 200 new fake websites since March 2025 to target audiences in the United States, France, and Canada. Digital fingerprint over the Russian flag symbolizing…
Warlock Ransomware Deployed via Compromised GOLD SALEM Networks and Bypassed Security Solutions
Counter Threat Unit™ (CTU) researchers are tracking a sophisticated threat actor known as Warlock Group, which CTU designates as GOLD SALEM. Since March 2025, the group has compromised enterprise networks and bypassed security solutions to deploy its custom Warlock ransomware.…
Critical WatchGuard Vulnerability Lets Unauthenticated Attackers Run Arbitrary Code
WatchGuard released an advisory detailing a critical vulnerability in its Firebox line of network security appliances. Tracked as CVE-2025-9242, the flaw resides in the iked component of WatchGuard’s Fireware OS. An out-of-bounds write in the IKEv2 handling routine can allow…
TP-Link Router Zero-Day Lets Attackers Execute Code by Bypassing ASLR
Researchers have uncovered a zero-day vulnerability in TP-Link routers that allows attackers to bypass Address Space Layout Randomization (ASLR) and execute arbitrary code remotely. Tracked as CVE-2025-9961, this flaw resides in the CWMP (TR-069) binary and can be triggered through…
Researchers Expose Hidden Alliances Between Ransomware Groups
In the rapidly evolving cyber threat landscape, understanding the true nature of ransomware operations has become increasingly complex. Gone are the days when security teams could treat each ransomware family as a discrete, unified entity. The “post-Conti era” has ushered…
Windows Greenshot Vulnerability Lets Attackers Execute Malicious Code – PoC Published
A critical security vulnerability in the popular Greenshot screenshot utility has been discovered that allows local attackers to execute arbitrary malicious code within the trusted application process. The vulnerability, tracked as CVE-2025-59050, affects Greenshot versions up to 1.3.300 and has been…
Malicious Typosquatted PyPI Packages Spreading SilentSync RAT
On August 4, 2025, Zscaler ThreatLabz uncovered two malicious Python packages—sisaws and secmeasure—that deliver SilentSync, a Python-based remote access trojan (RAT), to unsuspecting developers. Both packages leverage typosquatting to impersonate legitimate libraries in the Python Package Index (PyPI), posing a…
Raven Stealer Targets Google Chrome Users to Exfiltrate Sensitive Data
Raven Stealer, a sophisticated information-stealing malware that has been wreaking havoc on users’ sensitive data. This contemporary malware represents a concerning evolution in credential theft technology, combining advanced evasion techniques with streamlined data exfiltration capabilities. Raven Stealer stands out as…
Hackers Abuse RTL/LTR Text Tricks and Browser Flaws to Mask Malicious Links
Cybersecurity researchers at Varonis Threat Labs have uncovered a persistent vulnerability that has remained unaddressed for over a decade, allowing attackers to exploit browser handling of Right-to-Left (RTL) and Left-to-Right (LTR) text scripts to create deceptive URLs. This technique, known…
Google Chrome 0-Day Under Active Attack – Update Immediately
Google has released an urgent security update for Chrome browser users worldwide, addressing four critical vulnerabilities, including one zero-day exploit that is currently being actively exploited in the wild. The company is urging all users to update their browsers immediately…