Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A novel social engineering technique dubbed “ClickFix” has surged by an alarming 517% between the second half of 2024 and the first half of 2025, as reported by ESET telemetry data. This manipulative attack vector, now the second most prevalent…

Read more →

The cyber threat group APT-C-36, widely known as Blind Eagle, has been orchestrating sophisticated cyberattacks targeting a range of sectors across Latin America, with a pronounced focus on Colombian organizations. This group has consistently zeroed in on government institutions, financial…

Read more →

A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected units. The flaw, identified as CVE-2025-3699, was disclosed by Mitsubishi Electric on June 26, 2025, and…

Read more →

After nearly four decades as a symbol of frustration and failure for PC users worldwide, Microsoft is officially retiring the iconic Blue Screen of Death (BSOD) in favor of a new, sleeker Black Screen of Death. The change, set to…

Read more →

A 27-year-old former student of Western Sydney University has been charged with a string of cyber offences, following an extensive investigation into a series of cyber attacks that have plagued the institution since 2021. The arrest comes after a coordinated…

Read more →

A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input validation in OIDC authentication. The flaw allows malicious actors to crash database servers by sending specially crafted JSON payloads containing…

Read more →

A Kansas City man has pleaded guilty to federal charges after admitting he hacked into the computer systems of multiple organizations in an attempt to promote his cybersecurity services, according to the U.S. Department of Justice. Nicholas Michael Kloster, 32,…

Read more →

A newly disclosed critical vulnerability in the Open VSX Registry, the open-source marketplace for Visual Studio Code (VS Code) extensions, has put millions of developers worldwide at risk of devastating supply chain attacks. The flaw, discovered by cybersecurity researchers at…

Read more →

A severe security flaw has been identified in IBM WebSphere Application Server, potentially allowing remote attackers to execute arbitrary code on affected systems. Tracked under CVE-2025-36038, this vulnerability stems from a deserialization of untrusted data issue, classified under CWE-502. IBM…

Read more →

The Iranian threat group Educated Manticore, also tracked as APT35, APT42, Charming Kitten, or Mint Sandstorm, has intensified its cyber-espionage operations targeting Israeli cybersecurity experts, computer science professors, and journalists. Associated with the Islamic Revolutionary Guard Corps’ Intelligence Organization (IRGC-IO),…

Read more →

A severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full account takeover across tenant boundaries. Research conducted by Semperis, disclosed on June 26, 2025, revealed…

Read more →

Researchers at BallisKit have introduced a sophisticated scenario within their MacroPack Pro tool to obfuscate and weaponize .NET assemblies, significantly enhancing their stealth against modern security solutions. As .NET has become a preferred language for crafting prominent offensive tools like…

Read more →

Threat actors are increasingly leveraging the trusted names of popular software and services like ChatGPT, Cisco AnyConnect, Google Meet, and Microsoft Teams to orchestrate sophisticated cyberattacks. According to a recent report by Kaspersky Lab, SMBs, often perceived as less fortified…

Read more →

WhatsApp has announced the upcoming launch of “Message Summaries”—an AI-powered feature designed to help users quickly catch up on unread messages. Powered by Meta AI, this innovation aims to provide concise, private summaries of chats, making it easier than ever…

Read more →

Cisco has issued urgent security patches addressing two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) platforms. These flaws, which both carry the highest possible CVSS severity score of 10.0, could allow unauthenticated remote…

Read more →

 In a major breakthrough in the fight against cybercrime, U.S. and French authorities have charged and detained 25-year-old British national Kai West, believed to be the notorious hacker known as “IntelBroker.” West was arrested in France in February and is…

Read more →

Microsoft is rolling out a major update to Microsoft Teams, empowering administrators with enhanced control over third-party app availability through new rule-based settings in the Teams admin center. This change—detailed in Microsoft’s recent Message Center update (MC1085133)—is set to begin…

Read more →

Hewlett Packard Enterprise (HPE) has issued a critical security bulletin warning customers of a significant vulnerability in its OneView for VMware vCenter (OV4VC) software. The flaw, tracked as CVE-2025-37101, could allow attackers with only read-only privileges to escalate their access…

Read more →

Cybercriminals are increasingly leveraging large language models (LLMs) to amplify their hacking operations, utilizing both uncensored versions of these AI systems and custom-built criminal variants. LLMs, known for their ability to generate human-like text, write code, and solve complex problems,…

Read more →

IBM X-Force researchers have uncovered a series of targeted cyberattacks orchestrated by the China-aligned threat actor Hive0154. Throughout 2025, this group has been deploying the Pubload malware, a potent backdoor, through meticulously crafted phishing lures aimed at the Tibetan community.…

Read more →