Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Security researchers have discovered a critical stack-based buffer overflow vulnerability in D-Link DIR-825 Rev.B 2.10 routers that allows remote attackers to crash servers without requiring authentication. The vulnerability, designated as CVE-2025-7206, affects the router’s httpd binary and can be exploited…

Read more →

A critical arbitrary file deletion vulnerability has been discovered in the SureForms WordPress plugin, affecting over 200,000 active installations and potentially enabling unauthenticated attackers to achieve full site takeover. The flaw, tracked as CVE-2025-6691 with a CVSS score of 8.8…

Read more →

A critical vulnerability in Juniper Networks’ Junos OS and Junos OS Evolved has been disclosed that permits unauthenticated adjacent attackers to trigger a sustained denial of service by sending specially crafted BGP UPDATE packets. The issue, tracked as CVE-2025-52953, affects…

Read more →

Security researchers have uncovered a critical vulnerability in Laravel applications where exposed APP_KEY credentials are being actively exploited to achieve remote code execution (RCE) on hundreds of production systems. This widespread security flaw stems from Laravel’s automatic deserialization of decrypted…

Read more →

Microsoft has released Windows 11 Build 26100.4762 (KB5062660) to Insiders in the Release Preview Channel, introducing a redesigned restart interface that displays on a black background – a significant departure from traditional system recovery screens. This update brings substantial changes to user…

Read more →

Palo Alto Networks has disclosed a significant security vulnerability in its Autonomous Digital Experience Manager software that could allow attackers to gain root-level access on macOS systems.  The vulnerability, tracked as CVE-2025-0139, affects versions 5.6.0 through 5.6.6 of the software…

Read more →

A Russian blockchain engineer lost over $500,000 in cryptocurrency holdings in June 2025 after being the victim of a carefully planned cyberattack, serving as a terrifying reminder of the perils that might exist in open-source ecosystems. The attack, investigated by…

Read more →

A sophisticated variant of the macOS.ZuRu malware, first identified by a Chinese blogger in July 2021, has resurfaced with a new method of attack targeting macOS users through a trojanized version of the popular cross-platform SSH client Termius. Initially spread…

Read more →

The team at ANY.RUN recently reviewed a powerful Android packer called Ducex, which is linked to the infamous Triada malware, and criticized it for its sophisticated obfuscation methods. First identified within a fake Telegram app, Ducex serves as a protective…

Read more →

Schneider Electric, a global leader in industrial technology and sustainability, has issued a critical security notification revealing multiple vulnerabilities in its EcoStruxure IT Data Center Expert (DCE) software, a scalable monitoring solution for data center equipment. Released on July 8,…

Read more →

The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury has taken a strong stance against cyber-enabled financial schemes that support North Korea’s illicit weapons programs by imposing sanctions on Song Kum Hyok, a malevolent cyber…

Read more →

SafePay ransomware has become one of the most active and destructive threat actors in Q1 2025, a shocking development in the cybersecurity scene. According to the Acronis Threat Research Unit (TRU), SafePay has aggressively targeted over 200 victims worldwide, including…

Read more →

Identity-driven assaults have increased by a shocking 156% between 2023 and 2025, making up 59% of all confirmed threat instances in Q1 2025, according to data conducted by eSentire’s Threat Response Unit (TRU). This dramatic shift from traditional asset-focused exploits…

Read more →

CYFIRMA has discovered a sophisticated cyberattack campaign in which threat actors are using GitHub to host and disseminate malware masquerading as genuine software. Masquerading as “Free VPN for PC” and “Minecraft Skin Changer,” these malicious payloads are designed to trick…

Read more →

Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration…

Read more →

Security researchers have identified a critical vulnerability in ServiceNow’s widely-used enterprise platform that could enable attackers to extract sensitive data including personally identifiable information (PII), credentials, and financial records. The flaw, dubbed “Count(er) Strike” by Varonis Threat Labs, affects ServiceNow…

Read more →

UK law enforcement authorities have made significant progress in their investigation into cyber attacks targeting some of Britain’s most prominent retailers, with four individuals now in custody following coordinated arrests across the West Midlands and London. The National Crime Agency…

Read more →

Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed “PerfektBlue” that affect millions of vehicles and other devices using OpenSynergy’s BlueSDK framework. The vulnerabilities can be chained together to achieve remote code execution (RCE) with minimal user interaction,…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning that multiple vulnerabilities in Emerson ValveLink Products could allow attackers to access sensitive system information and execute unauthorized code. The alert, designated ICSA-25-189-01 and released on…

Read more →

The Rhadamanthys Stealer, a highly modular information-stealing virus that was first discovered in 2022, has made a comeback with a clever and dishonest delivery method called ClickFix Captcha. This is a terrifying development for cybersecurity experts. This technique disguises malicious…

Read more →