Apple has released emergency security updates to address a zero-day vulnerability, CVE-2025-24200, that has been actively exploited in targeted attacks against iPhone and iPad users. The vulnerability allows attackers to disable USB Restricted Mode on a locked device, potentially granting…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2
A recent analysis of over one million malware samples by Picus Security has revealed a growing trend in the exploitation of application layer protocols for stealthy command-and-control (C2) operations. These findings, detailed in the Red Report 2025, underscore the increasing…
SHA256 Hash Calculation from Data Chunks
The SHA256 algorithm, a cryptographic hash function, is widely used for securing data integrity and authenticity. It processes input data in fixed-size chunks of 512 bits (64 bytes) and produces a unique 256-bit (32-byte) hash. This property allows for incremental…
Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution
Researchers have uncovered a critical vulnerability in the Linux kernel, dating back seven years, that could allow attackers to execute remote code. The flaw, identified in the core TCP subsystem, was introduced through a race condition in the inet_twsk_hashdance function.…
Ransomware Payments Plunge 35% as More Victims Refuse to Pay
In a significant shift within the ransomware landscape, global ransom payments plummeted by 35% in 2024, falling from $1.25 billion in 2023 to $813.55 million, according to a report by blockchain analytics firm Chainalysis. This marked the first substantial decline…
Quishing via QR Codes Emerging as a Top Attack Vector Used by Hackers
QR codes, once a symbol of convenience and security in digital interactions, have become a significant target for cybercriminals. The Rise of Fake QR Code Scams A new form of cyberattack, dubbed “quishing,” involves the use of counterfeit QR codes…
NetSupport RAT Grant Attackers Full Access to Victims Systems
The eSentire Threat Response Unit (TRU) has reported a significant rise in incidents involving the NetSupport Remote Access Trojan (RAT) since January 2025. This malicious software, originally designed as a legitimate IT support tool, has been weaponized by cybercriminals to…
LLM Hijackers Exploit DeepSeek-V3 Model Just One Day After Launch
Hackers reportedly gained unauthorized access to the cutting-edge DeepSeek-V3 model within just 24 hours of its high-profile release. DeepSeek-V3, a state-of-the-art large language model (LLM) developed by the renowned AI research lab Nexus-AI, was expected to redefine benchmarks in natural…
GitHub Copilot’s New Agent Mode Enables Autonomous Code Completion
GitHub has once again raised the bar for productivity in software development with the launch of its revolutionary “Agent Mode” for GitHub Copilot. This new feature takes the AI-powered coding assistant to a whole new level, enabling developers to autonomously…
Marvel Game Vulnerability Exposes PCs & PS5s to Remote Takeover Attacks
A severe security vulnerability has been uncovered in the popular video game Marvel Rivals, raising major concerns for both PC and PlayStation 5 players. The exploit, discovered by a security researcher, enables attackers to remotely take control of devices on the…
Penetration Testers Arrested During Approved Physical Penetration Testing
A routine physical penetration test conducted by cybersecurity professionals took an unexpected turn when armed police officers arrested two security experts during a simulated breach of a corporate office in Malta. Physical penetration testing is a critical component of cybersecurity…
Massive Brute Force Attack Launched With 2.8 Million IPs To Hack VPN & Firewall Logins
Massive brute force attacks targeting VPNs and firewalls have surged in recent weeks, with cybercriminals using as many as 2.8 million unique IP addresses daily to conduct relentless login attempts. The Shadowserver Foundation, a nonprofit cybersecurity organization, has confirmed this…
Cisco Data Breach – Ransomware Group Allegedly Breached Internal Network
Sensitive credentials from Cisco’s internal network and domain infrastructure were reportedly made public due to a significant data breach. According to a Cyber Press Research report, the new Kraken ransomware group has allegedly leaked a dataset on their dark web…
Critical Zimbra Flaws Allow Attackers to Gain Unauthorized Access to Sensitive Data
Serious vulnerabilities in Zimbra Collaboration Suite (ZCS), a popular enterprise email and collaboration platform, have raised alarm in the cybersecurity community. Security researchers have identified several critical flaws that allow attackers to access sensitive data and compromise user accounts. With…
Linux Kernel 6.14-rc2 Released – What’s Newly Added !
Linus Torvalds, lead developer of the Linux kernel, announced the second release candidate (rc2) of Linux Kernel 6.14, providing developers and enthusiasts with a glimpse at the latest updates and fixes in the kernel’s development cycle. The announcement was made…
Tor Browser 14.0.6 Released, What’s New!
The Tor Project has officially unveiled Tor Browser 14.0.6, now accessible for download from the Tor Browser download page and its distribution directory. The latest update introduces critical fixes and enhancements, ensuring a smoother and more secure browsing experience for users. Here’s a detailed…
Hackers Exploit AnyDesk Vulnerability to Gain Admin Access – PoC Released
A newly discovered vulnerability in AnyDesk, the popular remote desktop software, has sparked serious cybersecurity concerns. Identified as CVE-2024-12754 and tracked under ZDI-24-1711, this flaw allows local attackers to exploit a mechanism to handle Windows background images, potentially escalating their…
UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access
United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all encrypted content stored in its iCloud service. The demand, issued under the U.K.’s controversial Investigatory Powers Act of 2016, has raised alarm among privacy advocates and…
Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks
Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning of data rather than raw content. Unlike traditional communication methods, these systems encode semantic features such as text, images, or…
Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity
Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated cyberattacks. Recent research demonstrates how autonomous LLM-driven systems can effectively perform assumed breach simulations in enterprise environments, particularly targeting Microsoft…