Cybersecurity researchers have uncovered a new phishing campaign that exploits GitHub’s official notification system to deliver malicious links and credential-stealing payloads. By capitalizing on the trust that open-source contributors place in GitHub’s communication channels, cybercriminals are able to bypass traditional…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Fake Job Offers Used to Deliver Advanced Malware Targeting Job Seekers
Iranian threat actors are exploiting job seekers’ aspirations through sophisticated fake recruitment campaigns designed to deploy advanced malware across Europe’s critical infrastructure sectors. The attack methodology demonstrates remarkable operational security and state-sponsored tradecraft characteristics. Nimbus Manticore, also known as UNC1549…
Windows 11 24H2 KB5064081 Update Causes Video Playback Issues
Microsoft’s latest Windows 11 update is causing significant problems for users trying to play protected video content. The KB5064081 update, released on August 29, 2025, has disrupted video playback functionality across multiple applications, leaving users frustrated with black screens and…
Top 10 Best Cybersecurity Compliance Management Software in 2025
Cybersecurity compliance has become a mission-critical part of modern business operations. With the rise of data privacy laws, global regulations, and increasing cyber threats, organizations need reliable compliance management software to stay secure and audit-ready. The best compliance platforms streamline…
BlockBlasters Steam Game Disguises Malware as Patch for Computer Download
BlockBlasters, a vibrant 2D platformer/shooter from Genesis Interactive, launched on July 31, 2025 to wide acclaim. However, on August 30, 2025, the developers released Build 19799326, ostensibly a routine patch. Security analysts at G DATA MXDR discovered that this update…
Stellantis Confirms Data Breach Affecting Citroën, Fiat, Jeep, and More
Automotive giant Stellantis has confirmed a significant data breach affecting its North American customer service operations, potentially impacting customers across its portfolio of brands including Citroën, Fiat, Jeep, Chrysler, and other subsidiaries. The company detected unauthorized access to a third-party…
Threat Actors Exploit Oracle Database Scheduler to Infiltrate Corporate Networks
Threat actors have begun exploiting the Oracle Database Scheduler’s External Jobs feature to execute arbitrary commands on corporate database servers, enabling stealthy initial footholds and rapid escalation of privileges. By abusing the extjobo.exe executable, attackers can run encoded PowerShell commands,…
Inboxfuscation Tool Bypasses Exchange Inbox Rules and Evades Detection
Advanced persistent threat actors increasingly target Microsoft Exchange inbox rules to maintain persistence and siphon sensitive data without raising alarms. The newly released Inboxfuscation tool delivers a Unicode-based obfuscation framework capable of generating malicious inbox rules that slip past conventional…
BlackLock Ransomware Targets Windows, Linux, and VMware ESXi Systems
BlackLock, a rebranded ransomware group formerly known as El Dorado, has emerged as a formidable threat to organizations worldwide. First identified in June 2024 when its Dedicated Leak Site (DLS) began exposing victim data, the gang is believed to have…
Subtle Snail Impersonation Tactics: How HR Representatives Can Engage Employees to Steal Login Credentials
Subtle Snail, an Iran-linked espionage group also tracked as UNC1549 under the Unyielding Wasp (Tortoiseshell) umbrella of the Charming Kitten network, has shifted its focus to European telecom, aerospace, and defense firms since June 2022. In a recent wave of…
Code Analysis Published for Chrome Type Confusion 0-Day Vulnerability
Google Chrome’s V8 JavaScript engine has long balanced speed and security for billions of users worldwide. On September 16, 2025, Google’s Threat Analysis Group discovered a critical zero-day flaw in the TurboFan compiler component of V8. Now tracked as CVE-2025-10585,…
God Mode Vulnerability Lets Attackers Access Any Resource in Microsoft Cloud Tenants
A recently disclosed flaw, tracked as CVE-2025-55241, allowed any attacker in possession of a single “Actor token” from a test or lab tenant to assume full administrative control over every Microsoft Entra ID (Azure AD) customer globally. Security researcher Dirk-Jan Mollema revealed…
Kawa4096 Ransomware Targets Multinational Corporations to Steal Sensitive Data
In June 2025, a previously unknown ransomware group dubbed Kawa4096 emerged, immediately drawing attention by targeting multinational organizations across diverse industries, including finance, education and services, in countries such as Japan and the United States. While no public evidence confirms…
Massive Lucid PhaaS Campaign: 17,500 Phishing Domains Mimic 316 Global Brands
Cybersecurity researchers at Netcraft have uncovered two sophisticated phishing campaigns linked to the Lucid and Lighthouse Phishing-as-a-Service (PhaaS) platforms, revealing a massive operation that has deployed over 17,500 phishing domains targeting 316 brands across 74 countries. This discovery highlights the…
Canada Police Shuts Down TradeOgre After $56M Crypto Theft
Montréal, Quebec, September 18, 2025 – In an unprecedented operation, the Royal Canadian Mounted Police (RCMP) Federal Policing – Eastern Region has executed the largest cryptocurrency seizure in Canadian history, recovering over 56 million dollars from the now-defunct TradeOgre exchange…
Threat Actors Fake FBI IC3 Portal to Steal Visitor Information
The Federal Bureau of Investigation has issued a critical public service announcement warning citizens about cybercriminals creating sophisticated spoofed versions of the FBI’s Internet Crime Complaint Center (IC3) website to harvest sensitive personal information from unsuspecting visitors. According to FBI…
Cybercriminals Exploit ICS Computers via Scripts and Phishing Attacks
Industrial control systems (ICS) continue to face increasing cybersecurity challenges as threat actors employ sophisticated malicious scripts and phishing campaigns to target critical infrastructure. According to new data from Q2 2025, while overall attack rates have shown a marginal decline,…
Attackers Bypass Windows “Mark of the Web” Protections Using LNK-Stomping
A sophisticated attack technique called LNK Stomping is enabling cybercriminals to bypass Windows security protections designed to block malicious files downloaded from the internet. The technique exploits a vulnerability in Windows shortcuts that was patched in September 2024 as CVE-2024-38217. Windows shortcuts,…
Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users
A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to unsuspecting victims. The LastPass Threat Intelligence, Mitigation, and…
Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD
Cybersecurity researchers have identified a concerning development in the underground cybercrime marketplace: a sophisticated Remote Access Trojan (RAT) being marketed as a fully undetectable (FUD) alternative to the legitimate ScreenConnect remote access solution. This emerging threat represents a significant escalation…