A novel AI-driven email attack toolkit named SpamGPT has surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Cyber Attack Exploits DeskSoft to Spread Malware via RDP Command Execution
An emerging threat campaign has been identified that weaponizes a trojanized version of DeskSoft’s EarthTime application to deploy sophisticated malware, leveraging Remote Desktop Protocol (RDP) access for command execution and network reconnaissance. Security analysts attribute the intrusion to an affiliate…
New Malware Exploits Exposed Docker APIs to Gain Persistent Root SSH Access
The Akamai Hunt Team has uncovered a new strain of malware that targets exposed Docker APIs with expanded infection capabilities. First observed in August 2025 within Akamai’s honeypot infrastructure, this variant diverges from the June 2025 Trend Micro report by…
Jaguar Land Rover Halts Operations Longer Due to Cyberattack Impact
Jaguar Land Rover’s UK factories will remain closed until at least Wednesday as the company continues to recover from a cyberattack that struck its systems on 31 August. The carmaker shut down its IT networks in response to the breach,…
MostereRAT Exploits AnyDesk and TightVNC for Remote Access on Windows Systems
Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated phishing campaign that deploys the MostereRAT remote access trojan to compromise Windows systems. The malware leverages advanced evasion techniques and installs legitimate remote access tools like AnyDesk and TightVNC to maintain…
Dynatrace Data Breach Exposes Customer Information Stored in Salesforce
Dynatrace has confirmed that customer data stored in Salesforce was exposed following a third-party breach involving Salesloft’s Drift application. The incident, which occurred in August 2025, allowed unauthorized access to Salesforce CRM data across multiple companies. Both Salesloft and Salesforce…
New Exploitation Method Discovered for Linux Kernel Use-After-Free Vulnerability
A new exploitation method has been discovered for the Linux kernel use-after-free (UAF) vulnerability tracked as CVE-2024-50264. The vulnerability was awarded the Pwnie Award 2025 for Best Privilege Escalation due to its complexity and impact on major Linux distributions. Researchers developed innovative techniques…
Windows Defender Vulnerability Lets Hackers Hijack and Disable Services Using Symbolic Links
A newly demonstrated attack technique has revealed a flaw in how Windows Defender manages its update and execution mechanism. By exploiting symbolic links, attackers can hijack Defender’s service folders, gain full control over its executables, and even disable the antivirus…
APT37 Deploys New Rust and Python Malware Targeting Windows Systems
The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Active since 2012, this advanced persistent…
Hackers Hijack 18 Popular npm Packages Downloaded Over 2 Billion Times Weekly
Hackers have hijacked 18 extremely popular npm packages, downloaded more than 2 billion times every week, injecting them with sophisticated malware that targets cryptocurrency users and developers. Early on September 8th, a security feed flagged the sudden update of 18…
Chinese Hackers Salt Typhoon and UNC4841 Team Up to Breach Critical Infrastructure
Cybersecurity researchers at Silent Push have uncovered a sophisticated Chinese espionage operation linking two prominent threat actors, Salt Typhoon and UNC4841, revealing previously unreported infrastructure used to target government and corporate networks across more than 80 countries. The discovery of…
Maduro Hails Huawei Mate X6 Gift From China as ‘Unhackable’ by U.S.
Venezuelan President Nicolás Maduro made bold claims about cybersecurity during a press conference on September 1, 2025, as he showcased a Huawei smartphone gifted to him by Chinese President Xi Jinping. Holding up the device before international media in Caracas,…
Qualys Confirms Cyberattack Campaign Targeting Salesforce via Salesloft and Drift
Qualys has confirmed that it was recently impacted by a cybersecurity campaign targeting Salesloft and Drift, two third-party SaaS platforms that integrate with Salesforce. The company emphasized that customer data and its own production environments on the Qualys Cloud Platform…
LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
LunaLock, a newly surfaced ransomware strain, has launched a targeted campaign against independent artists and their clients, demanding a hefty ransom in exchange for stolen creative works and leaked personal data. Emerging in early September 2025, the LunaLock group claims…
Kimsuky Hackers’ Playbook Uncovered in Exposed ‘Kim’ Data Dump
A rare breach attributed to a North Korean–affiliated actor named “Kim” by the leakers has unveiled unprecedented insight into Kimsuky (APT43) operations. Dubbed the “Kim” dump, the 9 GB dataset includes active bash histories, phishing domains, OCR workflows, custom stagers,…
Hackers Exploit Amazon SES to Blast Over 50,000 Malicious Emails Daily
A sophisticated cyberattack campaign where threat actors exploited compromised AWS credentials to hijack Amazon’s Simple Email Service (SES), launching large-scale phishing operations capable of sending over 50,000 malicious emails daily. The Wiz Research team identified this alarming SES abuse campaign…
PgAdmin Vulnerability Allows Attackers to Gain Unauthorized Account Access
A newly disclosed security flaw in pgAdmin4, the widely used open-source tool for managing PostgreSQL databases, has raised serious concerns among developers and database administrators across the world. The vulnerability, tracked as CVE-2025-9636, was recently highlighted in the GitHub Advisory Database and…
Web Application Firewall Bypassed via JS Injection with Parameter Pollution
In a recent autonomous penetration test, a novel cross-site scripting (XSS) bypass that sidesteps even highly restrictive Web Application Firewalls (WAFs). Security researchers uncovered a ASP.NET application protected by a rigorously configured WAF. Conventional XSS payloads—breaking out of single-quoted JavaScript…
How Microsoft Azure Storage Logs Help Investigate Security Breaches
When a security breach occurs, vital evidence often appears in unexpected places. One such source is Microsoft Azure Storage logs, which play a critical role in digital forensics. While storage accounts are often overlooked, enabling and analyzing their logs can help…
U.S. Officials Investigating Cyber Threat Aimed at China Trade Talks
According to the Wall Street Journal, the deceptive message, purporting to come from Representative John Moolenaar, was dispatched in July to multiple U.S. trade groups, prominent law firms and government agencies. WASHINGTON, Sept. 7 (Reuters) – U.S. authorities have launched…