The new Gunra group has expanded its attack surface beyond Windows PCs by releasing a Linux version of their virus, which was initially discovered in April 2025. This is a major uptick in the ransomware ecosystem. This development underscores the…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New JSCEAL Attack Aims to Steal Credentials and Wallets from Crypto App Users
Check Point Research (CPR) has identified a sophisticated malware campaign dubbed JSCEAL, which targets users of cryptocurrency trading applications through malicious advertisements and compiled JavaScript payloads. Active since at least March 2024, the operation has evolved to incorporate advanced anti-analysis…
CISA and FBI Release Tactics, Techniques, and Procedures of the Scattered Spider Hacker Group
The joint Cybersecurity Advisory AA23-320A, collaboratively issued by agencies such as the FBI, CISA, RCMP, ASD’s ACSC, AFP, CCCS, and NCSC-UK, serves as a critical update on the Scattered Spider cybercriminal group. Originally published in November 2023 and revised multiple…
ChatGPT Agent Defeats Cloudflare’s ‘I Am Not a Robot’ Security Check
In a significant development that highlights both the advancing capabilities of AI and potential vulnerabilities in web security systems, a ChatGPT-powered agent has successfully bypassed Cloudflare’s widely-used “I am not a robot” verification system. The breakthrough, demonstrated through automated interactions…
Severe Vulnerability in AI Vibe Lets Attackers Access Private User Applications
A critical security vulnerability in the popular AI-powered development platform Base44 allowed unauthorized attackers to bypass authentication controls and gain access to private enterprise applications, according to a new report from Wiz Research. The flaw, which has since been patched,…
Hackers Target SAP NetWeaver to Deploy New Auto-Color Linux Malware
Cybersecurity researchers at Darktrace have uncovered a sophisticated attack targeting a US-based chemicals company, marking the first observed instance of threat actors exploiting SAP NetWeaver vulnerabilities to deploy Auto-Color backdoor malware. The incident, which occurred over three days in April…
Free Decryptor Released for AI-Powered FunkSec Ransomware
Researchers at Avast have unveiled a free decryptor tool for victims of the FunkSec ransomware, marking a significant step in combating this now-defunct malware strain. Developed in collaboration with law-enforcement agencies, the decryptor enables affected users to recover encrypted files…
Enterprise LLMs Vulnerable to Prompt-Based Attacks Leading to Data Breaches
Security researchers have discovered alarming vulnerabilities in enterprise Large Language Model (LLM) applications that could allow attackers to bypass authentication systems and access sensitive corporate data through sophisticated prompt injection techniques. The findings reveal that many organizations deploying AI-powered chatbots…
New Microsoft Guidance Targets Defense Against Indirect Prompt Injection
Microsoft has unveiled new guidance addressing one of the most pressing security challenges facing enterprise AI deployments: indirect prompt injection attacks. This emerging threat vector has become the top entry in the OWASP Top 10 for LLM Applications & Generative…
Chrome Vulnerabilities Allow Attackers to Hijack Memory and Run Malicious Code
Google has released an emergency security update for its Chrome browser to address critical vulnerabilities that could allow attackers to hijack system memory and execute malicious code on affected devices. The Stable channel has been updated to version 138.0.7204.183/.184 for…
Orange Hit by Cyberattack, Internal Systems Hacked
French telecommunications giant Orange confirmed it suffered a significant cyberattack on Friday, July 25th, targeting one of its critical information systems. The incident has disrupted services for business customers and some consumer services, primarily affecting operations in France as the…
Android Banking Malware Masquerades as Government Agencies to Attack Users
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate applications from Vietnamese government and financial institutions to deceive users. This malware, first observed in the wild around January 2025,…
Qilin Ransomware Gains Momentum with Legal Assistance Option for Affiliates
The Qilin ransomware gang has introduced a “Call Lawyer” feature for its affiliates, announced on a Russian-speaking darknet forum. This Ransomware-as-a-Service (RaaS) enhancement provides on-demand legal assistance during extortion negotiations, leveraging the perceived authority of legal counsel to amplify pressure…
ToxicPanda Android Banking Malware Compromises Over 4,500 Devices to Harvest Banking Credentials
The ToxicPanda Android banking trojan has emerged as a significant threat, compromising over 4,500 devices primarily in Portugal and Spain as of early 2025, with a focus on stealing banking credentials, overlaying PIN and pattern codes, and enabling unauthorized transactions.…
Unveiling 0bj3ctivityStealer’s Execution Chain: New Capabilities and Exfiltration Techniques Exposed
In the ever-evolving infostealer landscape, 0bj3ctivityStealer emerges as a formidable threat, blending advanced obfuscation with targeted data exfiltration. Discovered earlier this year by HP Wolf Security researchers, this .NET-based malware has been observed in proactive threat hunting by the Trellix…
Qwins Ltd: Bulletproof Hosting Provider Powering Global Malware Campaigns
Security researchers may have discovered a reliable hosting company run by Qwins Ltd. that supports a broad range of international malware operations in a recent analysis resulting from standard follow-up on Lumma infostealer infections. Lumma, consistently ranking among the top…
New XWorm V6 Variant with Anti-Analysis Features Targeting Windows Users in Active Attacks
Netskope Threat Labs has uncovered a new iteration of the XWorm malware, version 6.0, which demonstrates ongoing development by threat actors and introduces sophisticated enhancements aimed at evading detection and maintaining persistence on Windows systems. This variant builds upon previously…
Lazarus Subgroup ‘TraderTraitor’ Targets Cloud Platforms and Contaminates Supply Chains
The North Korean state-sponsored advanced persistent threat (APT) known as TraderTraitor, a subgroup of the notorious Lazarus Group, has emerged as a formidable actor specializing in digital asset heists. Tracked under aliases such as UNC4899, Jade Sleet, TA444, and Slow…
Unveiling the Lumma Password Stealer Attack: Infection Chain and Escalation Tactics Exposed
Lumma, a sophisticated C++-based information stealer, has surged in prevalence over recent years, posing significant risks to both individuals and organizations by exfiltrating sensitive data such as browser credentials, cryptocurrency wallets, and personal files. Developed since December 2022 and distributed…
SquareX Discloses Architectural Limitations Of Browser DevTools In Debugging Malicious Extensions
Palo Alto, California, July 29th, 2025, CyberNewsWire Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security indicator. The recent…