Microsoft has released a critical patch for a 2-year-old Windows kernel security vulnerability. This vulnerability, identified as CVE-2025-24983, allows attackers to exploit a weakness in the Windows Win32 Kernel Subsystem, leading to an elevation of privilege. The patch comes after…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed “KoSpy,” which appears to be the work of North Korean state-sponsored hackers. This newly discovered spyware has been active since March 2022, with the most recent…
Hackers Exploiting JSPSpy To Manage Malicious Webshell Networks
Cybersecurity researchers have recently identified a cluster of JSPSpy web shell servers featuring an unexpected addition, Filebroser, a rebranded version of the open-source File Browser file management tool. This discovery sheds light on how attackers continue to leverage web shells…
Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures
Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical root certificate expires on March 14, 2025. This certificate is used to verify signed content and add-ons across various Mozilla…
Hackers Exploit Microsoft Copilot for Advanced Phishing Attacks
Hackers have been targeting Microsoft Copilot, a newly launched Generative AI assistant, to carry out sophisticated phishing attacks. This campaign highlights the risks associated with the widespread adoption of Microsoft services and the challenges that come with introducing new technologies…
New DCRat Campaign Uses YouTube Videos to Target Users
A new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the beginning of the year, attackers have been using the popular video-sharing platform to target users by creating fake or stolen…
Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits
Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote code execution and man-in-the-middle attacks. The vulnerabilities, identified on March 12th, 2025, affect a product that is no longer sold…
FreeType Vulnerability Actively Exploited for Arbitrary Code Execution
A significant vulnerability has been identified in the FreeType library, a widely used open-source font rendering engine. This vulnerability tracked as CVE-2025-27363, is being actively exploited and may lead to arbitrary code execution on affected systems. Overview of the Vulnerability:…
Fake CAPTCHA Malware Exploits Windows Users to Run PowerShell Commands
In early February 2025, Trustwave SpiderLabs uncovered a resurgence of a malicious campaign leveraging fake CAPTCHA verifications to deliver malware. This campaign uses deceptive CAPTCHA prompts to trick users into executing PowerShell commands, initiating a multi-stage attack chain. The end…
New OBSCURE#BAT Exploit Windows Alters System Processes & Registry for Evasion
Cybersecurity researchers at Securonix have identified an advanced malware campaign that employs social engineering tactics and heavily obfuscated code to deploy rootkits capable of cloaking malicious activities on compromised systems. Dubbed OBSCURE#BAT, the campaign targets English-speaking users through various deception…
North Korean Hackers Deploy DocSwap Malware Disguised as Security Tool
In a recent cybersecurity threat discovery, the S2W Threat Research and Intelligence Center Talon has identified and analyzed a new type of malware linked to a North Korean-backed Advanced Persistent Threat (APT) group. The malware, masquerading as a “문서열람 인증…
Medusa Ransomware Hits 300+ Critical Infrastructure Organizations Worldwide
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint advisory on the Medusa ransomware, a ransomware-as-a-service (RaaS) variant that has been active since June…
Tenda AC7 Vulnerability Lets Hackers Execute Malicious Payloads for Root Access
A vulnerability has been discovered in the Tenda AC7 router, firmware version V15.03.06.44, which allows attackers to execute malicious payloads and gain root access. As per a report in Github, the vulnerability, identified through experimental setup and exploitation, revolves around…
GitLab Identifies Security Vulnerabilities Enabling Attacker Logins as Valid Users
GitLab announced the release of versions 17.9.2, 17.8.5, and 17.7.7 for both its Community Edition (CE) and Enterprise Edition (EE). These updates include crucial bug and security fixes, urging all self-managed installations to upgrade promptly to protect against several critical…
Fortinet Addresses Security Issues in FortiSandbox, FortiOS, and Other Products
Fortinet’s Product Security Incident Response Team (PSIRT) announced the resolution of several critical and high-severity security vulnerabilities affecting various Fortinet products, including FortiSandbox and FortiOS. These updates are part of Fortinet’s ongoing efforts to enhance the security and reliability of…
Chinese Hacked Exploit Juniper Networks Routers to Implant Backdoor
Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks‘ routers, attributing the…
U.S. Accuses 12 Chinese Nationals of Hacking National Security Networks
The United States has taken significant steps to address the growing threat of Chinese cyber intrusions into U.S. government agencies and critical infrastructure. On March 5, the U.S. Department of Justice (DOJ) indicted 12 Chinese nationals and one Chinese company…
CISA Issues Advisory on Windows NTFS Flaw Enabling Local Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a significant vulnerability in the Microsoft Windows New Technology File System (NTFS). This security flaw, identified as CVE-2025-24993, involves a heap-based buffer overflow vulnerability. The vulnerability could…
MirrorFace APT Using Custom Malware To Exploited Windows Sandbox & Visual Studio Code
The cybersecurity landscape witnessed a significant development when the National Police Agency (NPA) and the National center of Incident readiness and Strategy for Cybersecurity (NISC) released a security advisory on January 8, 2025. This advisory highlighted an Advanced Persistent Threat…
CISA Issues Security Alert on Windows NTFS Exploit Risk
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a recently discovered vulnerability in Microsoft’s Windows New Technology File System (NTFS). Identified as CVE-2025-24991, this security flaw could potentially lead to unauthorized access to sensitive data…