Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Critical Next.js Flaw Lets Attackers Bypass Authorization Controls

A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers to bypass middleware-based authorization checks by exploiting improper handling of the x-middleware-subrequest HTTP header. This flaw impacts all versions of Next.js that rely on this header to…

Hackers Exploit Email Marketing Platforms to Deliver Hidden Malware

In recent months, Trustwave SpiderLabs—a LevelBlue company renowned for its threat intelligence and incident response services—has observed a marked uptick in phishing campaigns that leverage legitimate email marketing platforms to cloak malicious links. By hijacking established infrastructure and URL redirectors,…

MediaTek Issues Security Update to Patch Multiple Chipset Flaws

MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of critical and moderate vulnerabilities in its modem and system components. The announcement highlights that all affected device OEMs have already received patches for at least…

Salesforce Publishes Forensic Guide After Series of Cyberattacks

Salesforce has published a comprehensive forensic investigation guide aimed at empowering organizations to detect, analyze, and remediate security incidents within their Salesforce environments. The new guide distills best practices across three critical areas: activity logs, user permissions, and backup data—providing…

IBM Watsonx Vulnerability Enables SQL Injection Attacks

A critical vulnerability in the IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data has been disclosed, enabling blind SQL injection attacks that could compromise sensitive data. Tracked as CVE-2025-0165, this flaw allows authenticated attackers to inject malicious SQL statements, potentially leading to…

Hackers Exploit macOS Security Features to Spread Malware

A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for malware distribution, according to recent security research. As macOS continues to gain market share, cybercriminals are adapting their strategies to exploit even the most robust…

Critical ImageMagick Vulnerability Allows Remote Code Execution

A critical security vulnerability has been discovered in ImageMagick, the widely used open-source image processing software, that could allow attackers to execute arbitrary code remotely. The vulnerability, tracked as CVE-2025-57803 with a severity score of 9.8 out of 10, affects 32-bit builds of ImageMagick…

APT Groups Weaponize Infostealer Malware in Precision Attacks

The cybersecurity landscape has witnessed a dangerous evolution as Advanced Persistent Threat (APT) groups increasingly weaponize opportunistic infostealer malware for sophisticated espionage campaigns. What once served as broad-spectrum credential harvesting tools are now being repurposed into precision instruments of geopolitical…

Google Urges 2.5B Gmail Users to Reset Passwords After Salesforce Breach

A sophisticated voice phishing operation has emerged as a significant threat to organizations worldwide, with cybercriminals successfully infiltrating Salesforce environments to steal sensitive data and demand ransom payments. Google’s Threat Intelligence Group has identified this financially motivated campaign, designating the…

QNAP Flaw Allows Attackers to Bypass Authentication

QNAP Systems has released security patches to address multiple vulnerabilities affecting QVR firmware in legacy VioStor Network Video Recorder (NVR) systems. The company disclosed two significant security flaws on August 29, 2025, urging users to update their systems immediately to…

Citrix 0-Day Flaw Under Active Exploitation Since May

Security researcher Kevin Beaumont has revealed alarming details about CVE-2025-6543, a critical Citrix NetScaler vulnerability that was actively exploited as a zero-day for months before the company issued patches. What Citrix initially downplayed as a simple “denial of service”…