Security researchers have detected massive scanning campaigns targeting Cisco Adaptive Security Appliance (ASA) devices, with attackers probing over 25,000 unique IP addresses in coordinated waves that may signal an upcoming vulnerability disclosure. GreyNoise cybersecurity researchers observed two significant scanning surges…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Colombian Malware Exploits SWF and SVG to Evade Detection
A sophisticated malware campaign targeting Colombian institutions through an unexpected vector: weaponized SWF and SVG files that successfully evade traditional antivirus detection. The discovery emerged through VirusTotal’s newly enhanced Code Insight platform, which added support for analyzing these vector-based file…
Iran-Nexus Hackers Impersonate Omani MFA to Target Governments Entities
Cybersecurity researchers uncovered a sophisticated, Iran-linked spear-phishing operation that exploited a compromised Ministry of Foreign Affairs (MFA) mailbox in Oman to deliver malicious payloads to government entities worldwide. Analysts attribute the operation to the “Homeland Justice” group, believed to be…
Bridgestone Confirms Cyberattack Impacts Manufacturing Facilities Across North America
Tire manufacturer launches a comprehensive investigation after a limited cyber incident affects operations at multiple plants. Bridgestone Americas has confirmed that a cyberattack has impacted manufacturing facilities across North America, including two plants in Aiken County, South Carolina. The tire…
NoisyBear Exploits ZIP Files for PowerShell Loaders and Data Exfiltration
The threat actor known as NoisyBear has launched a sophisticated cyber-espionage effort called Operation BarrelFire, using specially designed phishing lures that imitate internal correspondence to target Kazakhstan’s energy sector, particularly workers of the state oil and gas major KazMunaiGas. Security…
GhostRedirector Hackers Target Windows Servers Using Malicious IIS Module
ESET security researchers have uncovered a sophisticated cyber threat campaign targeting Windows servers across multiple countries, with attackers deploying custom malware tools designed for both remote access and search engine manipulation. Cybersecurity experts at ESET have identified a previously unknown…
Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access
Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC, lighting, and other essential functions, could allow remote attackers to execute code, change settings, disable…
Microsoft Confirms UAC Bug Disrupts App Installation on Windows 10 & 11
Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The problem stems from a security update released in August 2025 and affects millions of users…
Chinese APT Groups Exploit Router Flaws to Breach Enterprises
Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router exploitation techniques since 2021. Since at least 2021, Chinese state-sponsored cyber actors have been conducting extensive,…
Django Web Vulnerability Allows Attackers to Execute SQL Injection
The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature. This flaw could allow attackers to run harmful database commands by crafting unexpected query parameters. Users running Django 5.2, 5.1, or 4.2 should…
US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits
The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers. The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. This public notice…
Extensive IPTV Network Spanning 1,000+ Domains and 10,000+ IP Addresses
Cybersecurity firm Silent Push has exposed a colossal illegal Internet Protocol Television (IPTV) network, revealing a sophisticated piracy operation that has been active for years across more than 1,000 domains and over 10,000 unique IP addresses. The findings highlight the…
Google Alerts to Active Exploitation of Sitecore Zero-Day Flaw
Security teams have issued a warning after Google researchers detected active attacks exploiting a new zero-day vulnerability in Sitecore products. Tracked as CVE-2025-53690, this flaw allows attackers to run code on unpatched servers by tampering with the ViewState mechanism in ASP.NET.…
TLS Certificate Mis-Issuance Exposes 1.1.1.1 DNS Service to Exploitation
Security researchers revealed that three unauthorized TLS certificates were issued in May 2025 for 1.1.1.1, the widely used public DNS service run by Cloudflare and APNIC. These certificates, improperly issued by the Fina RDC 2020 certificate authority, could allow attackers…
New Scam Targets PayPal Users During Account Profile Setup
A highly sophisticated phishing campaign is targeting PayPal users with a deceptive email designed to grant scammers direct access to their accounts. The attack, which has been circulating for at least a month, uses a clever trick that bypasses traditional…
Hackers Exploit X’s Grok AI to Push Malicious Links Through Ads
Malicious actors have found a new way to slip harmful links into X’s promoted posts by tricking Grok, the platform’s AI assistant. Although X explicitly bans links in paid promotions to curb malvertising, scammers now harness Grok’s content amplification to…
XWorm Malware Adopts New Infection Chain to Bypass Security Detection
Cybersecurity researchers have identified a sophisticated evolution in XWorm malware operations, with the backdoor campaign implementing advanced tactics to evade detection systems. The Trellix Advanced Research Center has documented this significant shift in the malware’s deployment strategy, revealing a deliberate…
New ‘NotDoor’ Malware Targets Outlook Users for Data Theft and System Compromise
Russian state-sponsored hackers have developed a sophisticated new backdoor malware called “NotDoor” that specifically targets Microsoft Outlook users, enabling attackers to steal sensitive data and gain complete control over compromised systems. The NotDoor malware has been attributed to APT28, the…
PagerDuty Confirms Data Breach After Salesforce Account Compromise
PagerDuty has confirmed that it experienced a data breach following a compromise of its Salesforce account. The company was first alerted to the issue by Salesloft on August 20, 2025, when Salesloft notified PagerDuty of a security problem in the…
CISA Alerts on TP-Link Authentication Flaw Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about a serious security hole in certain TP-Link devices. This flaw, tracked as CVE-2020-24363, allows an attacker on the same network to take control without needing a password.…