Denmark has announced a heightened alert status for the telecommunications sector due to an increased threat from cyber attacks. According to a recent threat assessment by the Danish Agency for Social Security, the risk level for cyber espionage against the…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Google Launches Open-Source OSV-Scanner for Detecting Security Vulnerabilities
Google has announced the launch of OSV-Scanner V2, an open-source tool designed to enhance vulnerability scanning and remediation across various software ecosystems. This update follows the recent release of OSV-SCALIBR, another powerful tool in the OSV suite, which together form a comprehensive…
SocGholish Exploits Compromised Websites to Deliver RansomHub Ransomware
SocGholish, a sophisticated malware-as-a-service (MaaS) framework, has been identified as a key enabler in the distribution of RansomHub ransomware. This malicious framework exploits compromised websites by injecting them with obfuscated JavaScript loaders, which redirect users to fake browser update notifications.…
MassJacker Clipper Malware Targets Users Installing Pirated Software
A recent investigation has uncovered previously unknown cryptojacking malware, dubbed MassJacker, which primarily targets users who download pirated software from sites like pesktop.com. This malware operates by replacing cryptocurrency wallet addresses copied by users with those belonging to the attackers,…
Beware! Malware Hidden in Free Word-to-PDF Converters
The FBI has issued a warning about a growing threat involving free file conversion tools, which are being used to spread malware. This scam, described as “rampant” by the FBI’s Denver Field Office, targets users who seek online tools to…
Supply Chain Attack Targets 23,000 GitHub Repositories
A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories. The attack involves a malicious modification of the Action’s code, leading to the exposure of CI/CD secrets in GitHub Actions…
Hackers Rapidly Adopt ClickFix Technique for Sophisticated Attacks
In recent months, a sophisticated social engineering technique known as ClickFix has gained significant traction among cybercriminals and nation-state-sponsored groups. This method exploits human psychology by presenting users with fake prompts that appear to resolve a non-existent issue, effectively bypassing…
Wazuh SIEM Vulnerability Enables Remote Malicious Code Execution
A critical vulnerability, identified as CVE-2025-24016, has been discovered in the Wazuh Security Information and Event Management (SIEM) platform. This vulnerability affects versions 4.4.0 to 4.9.0 and allows attackers with API access to execute arbitrary Python code remotely, potentially leading…
Kentico Xperience CMS Vulnerability Enables Remote Code Execution
In recent security research, vulnerabilities in the Kentico Xperience CMS have come to light, highlighting significant risks for users who rely on this Content Management System (CMS). Specifically, two primary issues were identified: an Authentication Bypass vulnerability and a Post-Authentication Remote Code Execution…
Espressif Systems Flaws Allow Hackers to Execute Arbitrary Code
A series of vulnerabilities has been discovered in Espressif Systems’ ESP32 devices, specifically affecting the BluFi module within the ESP-IDF framework. BluFi is designed to simplify WiFi configuration using a Bluetooth interface. These flaws, identified by the NCC Group, enable…
AI Operator Agents Helping Hackers Generate Malicious Code
Symantec’s Threat Hunter Team has demonstrated how AI agents like OpenAI’s Operator can now perform end-to-end phishing attacks with minimal human intervention, marking a significant evolution in AI-enabled threats. A year ago, Large Language Model (LLM) AIs were primarily passive…
Researchers Remotely Hack Commercial Trucks & Buses to Unlock Them
Security researchers have issued an urgent warning that commercial trucks and buses are significantly more vulnerable to cybersecurity attacks than passenger vehicles, potentially leading to catastrophic consequences. According to a comprehensive analysis by security experts, trucks represent more attractive targets…
Zoom Team Chat Decrypted, Exposing User Activity Data
Cybersecurity experts have successfully decrypted Zoom Team Chat data, revealing a wealth of information about user activities. This achievement underscores the importance of digital forensics in uncovering hidden digital evidence. The focus on Zoom Team Chat artifacts has shown that,…
Millions of RSA Keys Exposed, Revealing Serious Exploitable Flaws
A recent study has highlighted a significant vulnerability in RSA keys used across the internet, particularly in IoT devices. Researchers collected and analyzed a vast dataset of RSA certificates, revealing that approximately 1 in 172 keys share a factor with…
Android Malware Disguised as DeepSeek Steals Users’ Login Credentials
A recent cybersecurity threat has emerged in the form of Android malware masquerading as the DeepSeek AI application. This malicious software is designed to deceive users into downloading a fake version of the DeepSeek app, which then compromises their device’s…
BlackLock Ransomware Strikes Over 40 Organizations in Just Two Months
In a concerning escalation of cyber threats, the BlackLock ransomware group has executed a series of attacks on over 40 organizations across various sectors in the first two months of 2025. This surge in activity positions BlackLock as one of…
Jaguar Land Rover Hit by HELLCAT Ransomware Using Stolen Jira Credentials
The HELLCAT ransomware group has claimed responsibility for a significant data breach at Jaguar Land Rover (JLR), exposing vast amounts of sensitive data including proprietary documents, source codes, employee information, and partner details. This attack follows a pattern previously observed…
Apple Introduces RCS End-to-End Encryption for iPhone Messages
Apple has announced the integration of end-to-end encryption (E2EE) for Rich Communication Services (RCS) on iPhones. This development follows the introduction of RCS in iOS 18, marking a new era in mobile messaging with enhanced privacy and security features. The…
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability allows for remote code execution, potentially allowing hackers to hijack servers running Apache Tomcat. The exploitation of this vulnerability is…
Hackers Use CSS Tricks to Bypass Spam Filters and Monitor Users
Cybersecurity experts have uncovered how hackers use Cascading Style Sheets (CSS) to deceive spam filters and monitor user behavior. This sophisticated technique allows malicious actors to remain under the radar while gaining insights into user preferences and actions. The abuse…