A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating massive ransom proceeds through sophisticated attack methods. According to the joint advisory released on November 13,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party cloud system. Luckily, Checkout.com’s live payment processing environment was not affected, and no merchant funds…
Fortinet FortiWeb Zero-Day Exploited to Gain Full Admin Access
A critical zero-day vulnerability in Fortinet FortiWeb has been actively exploited in the wild, allowing attackers to gain complete administrator access without any prior authentication. The flaw affects Fortinet’s Web Application Firewall, which is designed to protect web applications from…
Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications
Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to rival platforms like Vidar and StealC. However, recent telemetry data reveals a concerning resurgence of…
Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network packets. The flaw, tracked as CVE-2025-4619, affects multiple versions of PAN-OS running on PA-Series and…
Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm package “@acitons/artifact” had accumulated over 206,000 downloads before being removed, posing a significant threat to GitHub-owned repositories and potentially compromising…
Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to appear as legitimate spam-filter alerts within organizations. These deceptive emails are designed to steal login credentials that could compromise email…
OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data
Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be the most effective extraction method. Sora 2, OpenAI’s state-of-the-art multimodal model for generating short video…
Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years
Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over 43,000 malicious packages published across at least 11 user accounts, remained active in the registry for nearly two years before…
Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code
A sophisticated campaign attributed to North Korean-aligned threat actors is weaponizing legitimate JSON storage services as an effective vector for deploying advanced malware to software developers worldwide. The “Contagious Interview” operation demonstrates how threat actors continue to innovate in their…
SmartApeSG Uses ClickFix to Deploy NetSupport RAT
The SmartApeSG campaign, also known as ZPHP and HANEYMANEY, continues to evolve its infection tactics, pivoting to ClickFix-style attack vectors. Security researchers have documented the campaign’s latest methodology, which uses deceptive fake CAPTCHA pages to trick users into executing malicious…
CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day vulnerability in Microsoft Windows. This security flaw, tracked as CVE-2025-62215, affects the Windows Kernel and could allow attackers to escalate…
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the…
Kibana Vulnerabilities Expose Systems to SSRF and XSS Attacks
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked as CVE-2025-37734, affects multiple versions of the popular data visualization and exploration platform and has prompted…
GitLab Vulnerabilities Expose Users to Prompt Injection Attacks and Data Theft
GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt injection flaw in GitLab Duo that could expose sensitive information from confidential issues. The company is urging all self-managed installations to…
Malicious Chrome Extension Grants Full Control Over Ethereum Wallet
Security researchers have uncovered a sophisticated supply chain attack disguised as a legitimate cryptocurrency wallet. Socket’s Threat Research Team discovered a malicious Chrome extension called “Safery: Ethereum Wallet,” published on the Chrome Web Store on November 12, 2024, that employs…
New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware
Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across Windows and macOS platforms. The campaign demonstrates how threat actors are exploiting legitimate search queries for cracked software to deliver…
Critical Dell Data Lakehouse Flaw Allows Remote Attackers to Escalate Privileges
Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and compromise system integrity. The flaw, tracked as CVE-2025-46608, carries a maximum CVSS severity score of…
Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked as CVE-2025-12101, poses a moderate security risk to organizations relying on these network appliances for authentication and secure access services.…
CISA Warns of Active Exploitation of WatchGuard Firebox Out-of-Bounds Write Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, warning of active exploitation in the wild. The flaw, tracked as CVE-2025-9242, poses severe risks to organizations…