Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The threat actor known as NoisyBear has launched a sophisticated cyber-espionage effort called Operation BarrelFire, using specially designed phishing lures that imitate internal correspondence to target Kazakhstan’s energy sector, particularly workers of the state oil and gas major KazMunaiGas. Security…

Read more →

ESET security researchers have uncovered a sophisticated cyber threat campaign targeting Windows servers across multiple countries, with attackers deploying custom malware tools designed for both remote access and search engine manipulation. Cybersecurity experts at ESET have identified a previously unknown…

Read more →

 Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC, lighting, and other essential functions, could allow remote attackers to execute code, change settings, disable…

Read more →

Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The problem stems from a security update released in August 2025 and affects millions of users…

Read more →

Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router exploitation techniques since 2021. Since at least 2021, Chinese state-sponsored cyber actors have been conducting extensive,…

Read more →

The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature. This flaw could allow attackers to run harmful database commands by crafting unexpected query parameters. Users running Django 5.2, 5.1, or 4.2 should…

Read more →

The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers.  The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. This public notice…

Read more →

Cybersecurity firm Silent Push has exposed a colossal illegal Internet Protocol Television (IPTV) network, revealing a sophisticated piracy operation that has been active for years across more than 1,000 domains and over 10,000 unique IP addresses. The findings highlight the…

Read more →

Security teams have issued a warning after Google researchers detected active attacks exploiting a new zero-day vulnerability in Sitecore products. Tracked as CVE-2025-53690, this flaw allows attackers to run code on unpatched servers by tampering with the ViewState mechanism in ASP.NET.…

Read more →

Security researchers revealed that three unauthorized TLS certificates were issued in May 2025 for 1.1.1.1, the widely used public DNS service run by Cloudflare and APNIC. These certificates, improperly issued by the Fina RDC 2020 certificate authority, could allow attackers…

Read more →

A highly sophisticated phishing campaign is targeting PayPal users with a deceptive email designed to grant scammers direct access to their accounts. The attack, which has been circulating for at least a month, uses a clever trick that bypasses traditional…

Read more →

Malicious actors have found a new way to slip harmful links into X’s promoted posts by tricking Grok, the platform’s AI assistant. Although X explicitly bans links in paid promotions to curb malvertising, scammers now harness Grok’s content amplification to…

Read more →

Cybersecurity researchers have identified a sophisticated evolution in XWorm malware operations, with the backdoor campaign implementing advanced tactics to evade detection systems. The Trellix Advanced Research Center has documented this significant shift in the malware’s deployment strategy, revealing a deliberate…

Read more →

Russian state-sponsored hackers have developed a sophisticated new backdoor malware called “NotDoor” that specifically targets Microsoft Outlook users, enabling attackers to steal sensitive data and gain complete control over compromised systems. The NotDoor malware has been attributed to APT28, the…

Read more →

PagerDuty has confirmed that it experienced a data breach following a compromise of its Salesforce account. The company was first alerted to the issue by Salesloft on August 20, 2025, when Salesloft notified PagerDuty of a security problem in the…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about a serious security hole in certain TP-Link devices. This flaw, tracked as CVE-2020-24363, allows an attacker on the same network to take control without needing a password.…

Read more →

A newly discovered vulnerability in the AI supply chain—termed Model Namespace Reuse—permits attackers to achieve Remote Code Execution (RCE) across major AI platforms, including Microsoft Azure AI Foundry, Google Vertex AI, and thousands of open-source projects. By re-registering abandoned or…

Read more →

The recently emerged DireWolf ransomware group has launched a sophisticated new campaign targeting Windows systems worldwide, employing ruthless tactics to delete event logs, erase backup-related data, and thwart recovery efforts. First sighted in May 2025, DireWolf has rapidly escalated its…

Read more →

More than 1,100 instances of Ollama—a popular framework for running large language models (LLMs) locally—were discovered directly accessible on the public internet, with approximately 20% actively hosting vulnerable models that could be exploited by unauthorized parties. Cisco Talos specialists made…

Read more →

A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under CWE-276: Incorrect Default Permissions, this vulnerability affects all DolphinScheduler versions prior to 3.2.2. Users are strongly advised to upgrade to…

Read more →