The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware, a sophisticated infostealer designed to target specific email clients, notably Microsoft Outlook and Mozilla Thunderbird. This malware has been active since late 2022 and has…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Fake BianLian Ransom Demands Sent via Physical Letters to U.S. Firms
In a novel and concerning development, multiple U.S. organizations have reported receiving suspicious physical letters claiming to be from the BianLian ransomware group. These letters, sent via U.S. postal services, threaten recipients with data leaks unless substantial ransoms are paid…
Microsoft Warns: 1 Million Devices Infected by Malware from GitHub
In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early December 2024, leverages malicious redirects from illegal streaming websites to deliver malware hosted on platforms like…
North Korean Moonstone Sleet Uses Creative Tactics to Deploy Custom Ransomware
In a recent development, Microsoft has identified a new North Korean threat actor known as Moonstone Sleet, which has been employing a combination of traditional and innovative tactics to achieve its financial and cyberespionage objectives. Moonstone Sleet, formerly tracked as…
Akira Ransomware Targets Windows Servers via RDP and Evades EDR with Webcam Trick
In a recent cybersecurity incident, the Akira ransomware group demonstrated its evolving tactics by exploiting an unsecured webcam to bypass Endpoint Detection and Response (EDR) tools. This novel approach highlights the group’s ability to adapt and evade traditional security measures,…
Fake Tax Claims Scam Stealing Over $10,000 from Victims
Tax season has become a breeding ground for sophisticated AI-powered scams, with nearly half of Americans reporting fraudulent IRS-related communications, according to McAfee’s 2025 survey. Cybercriminals are leveraging deepfake audio, phishing emails, and spoofed websites to steal identities and funds,…
Tails 6.13 Linux Distro Released with Enhanced Wi-Fi Hardware Detection
The Tails Project has launched Tails 6.13, the latest version of its privacy-centric Linux distribution, introducing improved Wi-Fi troubleshooting tools, updated anonymity software, and fixes for persistent storage and installation workflows. Targeted at users prioritizing security and anonymity, this release…
Critical DrayTek Router Vulnerabilities Expose Devices to RCE Attacks
A recent security analysis of Draytek Vigor routers has uncovered severe vulnerabilities that could allow attackers to hijack devices, execute arbitrary code, and bypass critical security controls. These findings, disclosed by researchers at DEFCON 32 HHV and Ekoparty 2024, highlight…
YouTube Alerts Creators About Phishing Emails Targeting Login Credentials
YouTube has issued a critical security advisory following a widespread phishing campaign exploiting private video sharing to distribute AI-generated deepfakes of CEO Neal Mohan. The fraudulent videos falsely claim changes to the platform’s monetization policies, urging creators to click malicious…
Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets
Jenkins, the widely-used open-source automation server, issued a high-priority security advisory on March 5, 2025, disclosing four medium-severity vulnerabilities affecting its core platform. The flaws—tracked as CVE-2025-27622 through CVE-2025-27625—impact secrets management, cross-site request forgery (CSRF) protections, and URL validation. Immediate…
Researchers Jailbreak 17 Popular LLM Models to Reveal Sensitive Data
In a recent study published by Palo Alto Networks’ Threat Research Center, researchers successfully jailbroke 17 popular generative AI (GenAI) web products, exposing vulnerabilities in their safety measures. The investigation aimed to assess the effectiveness of jailbreaking techniques in bypassing…
Phantom Goblin Uses Social Engineering Tactics to Deploy Stealer Malware
A sophisticated malware operation, dubbed “Phantom Goblin,” has been identified by cybersecurity researchers, highlighting the increasing use of social engineering tactics to deploy information-stealing malware. This operation leverages deceptive techniques to trick users into executing malicious files, leading to unauthorized…
AMD Microcode Vulnerability Allows Attackers to Load Malicious Patches
A critical vulnerability in AMD’s Zen 1 through Zen 4 processors allows attackers to bypass microcode signature validation, potentially undermining hardware-based security mechanisms. The flaw stems from AMD’s use of AES-CMAC as a hash function during microcode patch verification –…
Microsoft Introduces 365 E5 Security Add-On for Business Premium Customers
Microsoft has launched Microsoft 365 E5 Security as an add-on to its Business Premium suite, providing small and medium-sized businesses (SMBs) with advanced tools to combat escalating cyber threats. The offering integrates enterprise-grade security features at a 57% cost savings…
GitHub Explains How Security Professionals Can Use Copilot for Log Analysis
GitHub Copilot, once a developer-centric tool, is now revolutionizing workflows across technical and non-technical roles. With features like Agent Mode, CLI integration, and Project Padawan, Copilot is emerging as a universal productivity enhancer. This article explores three key developments reshaping…
Peaklight Malware Targets Users to Steal Credentials, Browser History, and Financial Data
Peaklight malware has emerged as a significant threat, designed to steal sensitive information from compromised endpoints. This information stealer is often distributed through underground channels and is sometimes offered as a Malware-as-a-Service (MaaS), making it a continuously evolving and potent…
Medusa Ransomware Attacks Surge 42% with Advanced Tools & Tactics
Medusa ransomware attacks have seen a significant increase, rising by 42% between 2023 and 2024, with a further escalation in early 2025. This surge is attributed to the group Spearwing, which operates Medusa as a ransomware-as-a-service (RaaS) model. Spearwing and…
Activating Incognito Mode in RDP to Erase All Traces
The Remote Desktop Protocol (RDP) is a widely used tool for remote access, but it often leaves behind traces of user activity, which can be a concern for privacy and security. Recently, the use of the “/public” command-line option in…
FBI Warns: Threat Actors Impersonating BianLian Group to Target Corporate Executives
The Federal Bureau of Investigation (FBI) issued a critical alert through its Internet Crime Complaint Center (IC3) warning of a novel cyber extortion campaign targeting corporate executives. Criminal actors impersonating the notorious BianLian ransomware group are leveraging physical mail to…
Apache Pinot Vulnerability Allows Remote Attackers to Bypass Authentication
A critical security flaw (CVE-2024-56325) in Apache Pinot, a real-time distributed OLAP datastore, has been disclosed, allowing unauthenticated attackers to bypass authentication controls and gain unauthorized access to sensitive systems. Rated 9.8 on the CVSS scale, this vulnerability exposes organizations…