Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Microsoft has successfully disrupted a major cyberattack campaign orchestrated by the Vanilla Tempest threat group in early October 2025. The tech giant revoked over 200 fraudulent certificates that the cybercriminals had used to sign fake Microsoft Teams installation files, which…

Read more →

F5 Networks confirmed that a sophisticated nation-state threat actor infiltrated its systems, exfiltrating proprietary BIG-IP source code and confidential vulnerability information. The incident, which began in August 2025, targeted F5’s product development and engineering knowledge platforms, prompting an immediate response…

Read more →

A major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN credentials. The attack, carried out by the cybercrime group Ignoble Scorpius, culminated in widespread encryption…

Read more →

A newly discovered zero-day vulnerability in the Windows Agere Modem driver has been actively exploited by threat actors to elevate privileges on affected systems. Tracked as CVE-2025-24052 and CVE-2025-24990, these flaws allow a low-privileged user to gain full system control…

Read more →

The Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Rapid7 Velociraptor to its Known Exploited Vulnerabilities catalogue, warning that threat actors are actively exploiting the flaw in ransomware attacks. The vulnerability, tracked as CVE-2025-6264, was added to…

Read more →

A serious security flaw has been discovered in Microsoft’s Internet Information Services (IIS) that lets attackers run arbitrary code without logging in. The vulnerability affects the IIS Inbox COM Objects and stems from improper handling of shared memory and objects…

Read more →

Google has released a critical security update for Chrome browser users after discovering a dangerous use-after-free vulnerability that could allow cybercriminals to execute malicious code on victims’ computers. The flaw, tracked as CVE-2025-11756, affects Chrome’s Safe Browsing feature and has…

Read more →

Veeam has released an urgent security patch to address multiple critical remote code execution (RCE) vulnerabilities in Veeam Backup & Replication version 12. These flaws could allow authenticated domain users to run malicious code on backup servers and infrastructure hosts.…

Read more →

Fortinet has disclosed a security vulnerability affecting its FortiOS operating system that could allow attackers with administrative privileges to execute unauthorized system commands by bypassing command line interface restrictions. The flaw, tracked as CVE-2025-58325, was discovered internally by Fortinet’s PSIRT…

Read more →

Sophisticated Threat Actor Compromises 17,000+ Developers Through Trojan Extensions That Steal Code and Mine Cryptocurrency. Operating since early 2025 under multiple publisher accounts (ab-498, 498, and 498-00), this sophisticated campaign deploys extensions that steal source code, mine cryptocurrency, and establish…

Read more →

Fortinet has disclosed a critical security vulnerability affecting FortiPAM and FortiSwitchManager products that could enable attackers to bypass authentication mechanisms through brute-force attacks. The vulnerability, tracked as CVE-2025-49201, was internally discovered by Gwendal Guégniaud of the Fortinet Product Security team…

Read more →

The GhostBat RAT campaign leverages diverse infection vectors—WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites—to distribute malicious Android droppers. Once installed, these droppers employ multi-stage workflows, deliberate ZIP header manipulation, and heavy string obfuscation to evade antivirus detection…

Read more →

The China-backed advanced persistent threat group Flax Typhoon maintained year-long access to an ArcGIS system by turning trusted software into a persistent backdoor—an attack so unique it prompted the vendor to update its documentation. The attackers repurposed a legitimate Java…

Read more →

Microsoft officially ended support for Windows 10 on October 14, 2025, leaving millions of users worldwide facing critical security concerns. The decision marks the end of regular technical assistance, feature updates, and security patches for one of the most widely…

Read more →

Microsoft has confirmed active exploitation of a critical zero-day vulnerability affecting the Windows Remote Access Connection Manager, designated as CVE-2025-59230. The security flaw, disclosed on October 14, 2025, allows attackers with limited system access to escalate their privileges to the…

Read more →

Security researchers have unveiled a sophisticated new attack technique dubbed “Pixnapping” that can extract two-factor authentication codes from Google Authenticator and other sensitive mobile applications in under 30 seconds. Pixnapping leverages fundamental features of Android’s graphics rendering system to create…

Read more →

Security researchers have uncovered critical vulnerabilities in signed UEFI shells that allow attackers to completely bypass Secure Boot protections on approximately 200,000 Framework laptops and desktops. These flaws expose a fundamental weakness in firmware security that could enable persistent, undetectable…

Read more →

Telegram has solidified its position as the primary coordination hub for modern hacktivist operations, according to comprehensive research analyzing over 11,000 posts from more than 120 politically motivated threat actor groups. Contrary to assumptions that such activities remain hidden in…

Read more →

British organisations are facing an unprecedented cyber security crisis as the National Cyber Security Centre reveals a dramatic surge in attacks threatening the nation’s digital infrastructure. This alarming escalation translates to an average of four major cyber attacks targeting UK…

Read more →

The pro-Russian hacktivist collective NoName057(16) has emerged as a notable participant in a coordinated wave of cyberattacks targeting Israeli infrastructure during the October 7 anniversary period. The group claimed responsibility for multiple distributed denial-of-service (DDoS) attacks against government portals, financial…

Read more →