Security researchers have uncovered a critical flaw in OpenSSH’s ProxyCommand feature that can be leveraged to achieve remote code execution on client systems. Tracked as CVE-2025-61984, the vulnerability arises from inadequate filtering of control characters in usernames when expanding the…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Issues Alert on Active Exploitation of Microsoft Windows Privilege Escalation Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft Windows. Known as CVE-2021-43226, this flaw resides in the Common Log File System (CLFS) driver. Attackers who gain local access…
GoAnywhere 0-Day RCE Actively Exploited to Deliver Medusa Ransomware
A critical zero-day vulnerability in GoAnywhere MFT’s License Servlet is being actively exploited to deploy Medusa ransomware. On September 18, 2025, Fortra released an advisory disclosing CVE-2025-10035, a deserialization flaw with a perfect CVSS score of 10.0. Threat actors tracked…
Hackers Launch Leak Portal to Publish Data Stolen from Salesforce Instances
The hacker collective styling itself “Scattered Lapsus$ Hunters”—an alliance echoing elements of ShinyHunters, Scattered Spider, and Lapsus$—has launched an extortionware portal to pressure victims into paying for delisting and purported deletion of stolen data. The group’s leverage centers on Salesforce…
Mustang Panda Adopts New DLL Side-Loading Method to Deploy Malware
The sophisticated China-linked threat actor Mustang Panda has refined its cyber espionage arsenal with an advanced DLL side-loading technique specifically targeting the Tibetan community, according to recent analysis of a campaign first identified by IBM’s X-Force in June 2025. This politically motivated…
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day
The notorious Cl0p ransomware group has been actively exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign has prompted Oracle to issue an emergency security advisory after reports surfaced that multiple organizations…
NCSC Issues Alert on Active Exploitation of Oracle E-Business Suite 0-Day Vulnerability
The UK National Cyber Security Centre (NCSC) has issued a security alert following confirmation of active exploitation of a critical 0-day vulnerability, tracked as CVE-2025-61882, in Oracle E-Business Suite (EBS). Oracle has released an urgent security update to address the issue, underscoring…
13-Year-Old Redis RCE Flaw Lets Attackers Seize Complete Host Control
A remote code execution vulnerability discovered in Redis, the widely-used in-memory data structure store, has sent shockwaves through the cybersecurity community. The flaw, designated CVE-2025-49844 and dubbed “RediShell” by researchers, carries the maximum CVSS 3.1 severity score of 10.0 and…
Paris, France, October 6th, 2025, CyberNewsWire
Reemo continues its mission to secure enterprise remote access and becomes the first French cybersecurity provider to protect all remote access within a single platform. Reemo announces Bastion+, a next-generation bastion solution deployable without limits. “Companies don’t need another bastion.…
New ‘Fully Undetectable’ Android RAT Discovered on GitHub
Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) experience entirely from a web interface. This Android RAT sets itself apart…
Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools
Cybersecurity researchers are reporting an alleged security breach involving Chinese technology giant Huawei Technologies, with hackers claiming to have accessed and leaked sensitive source code and internal development tools. The incident, which surfaced through social media channels, represents a potentially significant…
Zabbix Agent/Agent2 for Windows Vulnerability Could Allow Privilege Escalation
A security flaw in Zabbix Agent and Agent2 for Windows has been discovered that could allow a local attacker to gain higher system privileges. The issue, tracked as CVE-2025-27237, stems from the way the agent loads its OpenSSL configuration file.…
TamperedChef Malware Disguised as PDF Editor Hijacks Browser Credentials and Opens Backdoors
A sophisticated malware campaign dubbed TamperedChef has successfully compromised European organizations by masquerading as a legitimate PDF editor application, according to new research from WithSecure’s Strategic Threat Intelligence & Research Group (STINGR). The campaign demonstrates how threat actors can leverage…
Integrate Gemini CLI into Your Kali Terminal to Speed Up Pentesting Tasks
With the release of Kali Linux 2025.3, penetration testers and security professionals gain access to an innovative AI-powered assistant, the Gemini Command-Line Interface (CLI). This open-source package brings Google’s Gemini AI directly into the terminal, offering natural language–driven automation for…
Technical Details and Exploit Released for Chrome Remote Code Execution Flaw
A remote code execution vulnerability affecting Google Chrome’s WebAssembly engine has been publicly disclosed, along with a fully functional exploit. The flaw, discovered and reported during TyphoonPWN 2025, involves a regression in the canonicalization logic for indexed reference types in…
Yurei Ransomware Leverages SMB Shares and Removable Drives to Encrypt Files
Targeting Windows systems, Yurei employs advanced file encryption and stealth techniques to maximize impact and minimize detection. Encrypted files are appended with the extension .Yurei, and victims receive a ransom note named _README_Yurei.txt with Tor-based contact channels. CYFIRMA has observed…
Hackers Exploit WordPress Sites by Silently Injecting Malicious PHP Code
Cybercriminals have ramped up attacks on WordPress websites by stealthily modifying theme files to serve unauthorized third-party scripts. This campaign leverages subtle PHP injections in the active theme’s functions.php to fetch external code, effectively turning compromised sites into silent distributors…
Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control
Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools (RATs) to maintain stealth and persistence while systematically dismantling organizational defenses. Ransomware is one of the most disruptive cyber threats,…
Redis Server Use-After-Free Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in Redis Server that could allow authenticated attackers to achieve remote code execution through a use-after-free flaw in the Lua scripting engine. The vulnerability, tracked as CVE-2025-49844, affects all versions of Redis that…
Hackers Turn AWS X-Ray into Command-and-Control Platform
Red team researchers have unveiled XRayC2, a sophisticated command-and-control framework that weaponizes Amazon Web Services’ X-Ray distributed application tracing service to establish covert communication channels. This innovative technique demonstrates how attackers can abuse legitimate cloud monitoring infrastructure to bypass traditional…