QNAP Systems has disclosed a critical security vulnerability in its NetBak Replicator software that could enable local attackers to execute malicious code on affected systems. The vulnerability, tracked as CVE-2025-57714, stems from an unquoted search path element flaw that poses…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Asgard Malware Protector Reversed: Researchers Expose Its Antivirus Bypass Methods
SpyCloud Labs analysts have successfully reverse-engineered Asgard Protector, a sophisticated crypter tool prominently used to hide malicious payloads from antivirus detection systems. This crypter has gained particular notoriety for being the preferred choice among sellers of LummaC2, currently the most prevalent commodity…
PoC Published for Sudo Flaw Lets Attackers Escalate to Root
A proof-of-concept exploit has been released for CVE-2025-32463, a critical local privilege escalation vulnerability affecting the Sudo binary that allows attackers to gain root access on Linux systems. The flaw was discovered by security researcher Rich Mirch and has garnered…
PoC Released for Remotely Exploitable Oracle E-Business Suite 0-Day
Oracle has issued an urgent security alert for a critical zero-day vulnerability affecting Oracle E-Business Suite that allows remote code execution without authentication. The vulnerability, tracked as CVE-2025-61882, has now received public proof-of-concept detection capabilities from cybersecurity researcher rxerium. Illustration showing…
WARMCOOKIE Malware Operators Introduce Advanced Capabilities
The cybersecurity landscape continues to evolve as threat actors behind the WARMCOOKIE backdoor malware have significantly enhanced their capabilities, introducing new features and maintaining active development despite law enforcement disruptions. The latest WARMCOOKIE variants demonstrate the threat actors’ commitment to…
Top 10 Best End-to-End Threat Intelligence Companies in 2025
In 2025, businesses face growing challenges in securing their digital assets, networks, and sensitive data. The rise in sophisticated cyberattacks has made end-to-end threat intelligence solutions one of the most critical investments for enterprises, governments, and even mid-size companies. Threat…
Top 10 Best Supply Chain Risk Management Solutions in 2025
In today’s globalized world, managing supply chain risks has become a top priority for businesses. From cybersecurity threats and compliance issues to supplier sustainability and geopolitical instability, businesses face more complex risks than ever before. The right Supply Chain Risk…
New Android Spyware Targeting Users by Imitating Signal and ToTok Apps
ESET researchers have uncovered two sophisticated Android spyware campaigns that target users seeking secure communication platforms by impersonating popular messaging apps Signal and ToTok. These malicious operations appear to focus primarily on residents of the United Arab Emirates (UAE), utilizing…
DrayOS Router Flaw Allows Remote Code Execution by Attackers
A critical vulnerability affecting DrayOS routers could let unauthenticated attackers execute code remotely. Discovered on July 22 by Pierre-Yves Maes of ChapsVision, the flaw stems from the use of an uninitialized variable in the Web User Interface (WebUI). Crafting special…
Threat Actors Pose as Government Officials to Attack Organizations with StallionRAT
In a recent wave of targeted phishing campaigns, the Cavalry Werewolf cluster has escalated its operations by impersonating government officials and deploying both FoalShell and StallionRAT malware. These tactics underscore the urgency of maintaining continuous cyber intelligence monitoring and implementing…
New XWorm V6 Variant Embeds Malicious Code into Trusted Windows Applications
In the constantly evolving world of cyber threats, staying informed is not just an advantage; it’s a necessity. First observed in 2022, XWorm quickly gained notoriety as a highly effective malware, providing cybercriminals with a versatile toolkit for malicious activities.…
GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors
On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum xss[.]is advertising a novel Malware-as-a-Service (MaaS) offering. The post introduced GhostSocks, a service designed to turn compromised Windows machines into…
SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials
The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target government, defense, and critical infrastructure organizations through fake webmail portals. The campaign represents a significant escalation from the group’s August…
Hackers Exploit Grafana Vulnerability Allowing Arbitrary File Reads
Researchers at GreyNoise observed a sudden spike in attempts to exploit a well-known Grafana flaw. This vulnerability, tracked as CVE-2021-43798, allows attackers to traverse paths on a server and read any file they choose. Over the course of a single…
WhatsApp Exploited to Spread SORVEPOTEL Malware on Windows Systems
An aggressive malware campaign dubbed SORVEPOTEL is exploiting WhatsApp messages to infiltrate Windows systems, with its epicenter in Brazil. Rather than pursuing data theft or ransomware extortion, this self-propagating malware is engineered for rapid spread, leveraging social trust and automation…
New ‘Point-and-Click’ Phishing Kit Evades Security Filters to Deliver Malicious Payloads
A new toolkit named Impact Solutions has emerged on cybercrime forums, offering a comprehensive, user-friendly framework for crafting advanced phishing campaigns. By democratizing malware delivery, Impact Solutions empowers even low-skill threat actors to bypass both end users and conventional security…
Threat Actors Imitate Popular Brands in New Malware Distribution Campaigns
In a sophisticated resurgence of smishing campaigns, cybercriminals have begun embedding trusted brand names into deceptive URLs and group messaging threads to lure unsuspecting users into downloading malware. By inserting a familiar company name before the “@” symbol in links,…
IIS Servers Compromised by Chinese Hackers for SEO Manipulation
Cisco Talos has revealed that UAT-8099, a Chinese-speaking cybercrime group, has been exploiting vulnerable Internet Information Services (IIS) servers across multiple countries to conduct search engine optimization (SEO) fraud and steal high-value data. Identified in April 2025, this group targets…
Rhadamanthys Stealer Offered on Dark Web for $299–$499
A new offering named Rhadamanthys, a sophisticated information stealer, has surfaced for sale on underground marketplaces, with subscription packages starting at $299 and reaching up to $499 per month. Marked by its polished branding and tiered pricing structure, the malware…
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch…