Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Seqrite Labs has uncovered a sophisticated variant of the Masslogger credential stealer malware being distributed through VBScript Encoded (.VBE) files. This advanced threat, which likely spreads via spam emails or drive-by downloads, operates as a multi-stage fileless malware, heavily exploiting…

Read more →

The global cybersecurity landscape is facing a seismic shift as the Qilin ransomware group, also known as Agenda, has surged to the forefront of digital extortion, demanding ransoms as high as $50 million and disrupting critical services worldwide. Once an…

Read more →

The Golden SAML assault is a lesser-known but much more dangerous threat in a world where password-based hacks breach millions of accounts every month. Unlike common password sprays or phishing attempts, Golden SAML attacks are rare, with Microsoft reporting only…

Read more →

Viasat Inc., a leading U.S. satellite and wireless communications provider, has been identified as the latest victim in a sweeping cyberespionage campaign attributed to the Chinese state-sponsored group known as Salt Typhoon. The breach, which occurred during the 2024 U.S.…

Read more →

A threat actor group known as Banana Squad has been found exploiting GitHub, a cornerstone platform for developers worldwide, by hosting over 60 malicious repositories containing hundreds of trojanized Python files. Discovered by the ReversingLabs threat research team, this campaign…

Read more →

Google Threat Intelligence Group (GTIG), in collaboration with external partners, has uncovered a sophisticated phishing campaign orchestrated by a Russia state-sponsored cyber threat actor, tracked as UNC6293. Active from at least April through early June 2025, this campaign specifically targeted…

Read more →

The ClamAV development team has rolled out two crucial security patch releases, versions 1.4.3 and 1.0.9, aimed at resolving significant vulnerabilities that could compromise system integrity. Alongside these patches, the team has introduced Linux aarch64 (ARM64) RPM and DEB installer…

Read more →

A sophisticated malware campaign dubbed SERPENTINE#CLOUD has emerged, leveraging Cloudflare Tunnel infrastructure to deliver Python-based malware to Windows systems across Western nations, including the United States, United Kingdom, and Germany. This ongoing operation, characterized by its use of obfuscated scripts…

Read more →

Microsoft has announced a significant update to its identity platform, Microsoft Entra ID, with the introduction of expanded passkey (FIDO2) support in public preview. Set to roll out globally from mid-October to mid-November 2025, this enhancement marks a major step…

Read more →

A groundbreaking detection technique called Jitter-Trap has been unveiled by Varonis Threat Labs, promising to revolutionize how organizations identify one of the most elusive stages in the cyberattack lifecycle: post-exploitation and command-and-control (C2) communication. This method leverages the very randomness that threat…

Read more →

A sophisticated cyberattack campaign has been uncovered, leveraging LogMeIn Resolve remote access software to gain unauthorized control over user systems. Security researchers report that the attack begins with a convincingly crafted invoice-themed spam email, designed to trick recipients into opening…

Read more →

A newly disclosed vulnerability in Cisco’s AnyConnect VPN implementation for Meraki MX and Z Series devices poses a significant risk to enterprise networks, enabling unauthenticated attackers to disrupt remote access by triggering denial-of-service (DoS) conditions. The flaw, tracked as CVE-2025-20271,…

Read more →

Thai authorities have dismantled a sophisticated criminal enterprise operating from the eight-storey Antai Holiday Hotel in Pattaya, unearthing both a high-stakes gambling den and a cybercrime ring specializing in ransomware attacks. The raid, conducted at 11:30 p.m. on June 16,…

Read more →

A newly disclosed vulnerability in Apache Traffic Server (ATS) has raised serious concerns among enterprise users and cloud providers, as attackers can exploit a flaw in the Edge Side Includes (ESI) plugin to trigger denial-of-service (DoS) attacks by exhausting server…

Read more →

A critical vulnerability known as Password Reset Link Poisoning has recently come under the spotlight, exposing web users and organizations to the risk of full account takeover. This flaw, which leverages Host Header Injection, enables attackers to manipulate the domain in password…

Read more →

A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, posing a significant security threat to websites deployed using the Cloudflare adapter for Open Next. The flaw, now tracked as CVE-2025-6087, allows unauthenticated attackers to proxy…

Read more →

The People’s Liberation Army (PLA) of China has adopted generative artificial intelligence (AI) to revolutionize its intelligence capabilities, marking a major step in modernizing military operations. According to recent analyses, the PLA has shown a clear intent to integrate generative…

Read more →

A North Korean-affiliated threat actor called Famous Chollima (also known as Wagemole) has launched a sophisticated remote access trojan (RAT) campaign against Windows and MacOS devices, a concerning development discovered by Cisco Talos in May 2025. This group, suspected to…

Read more →

Russia’s sophisticated cyber warfare strategy emerges as a calculated blend of state power and non-state agility, leveraging private companies, hacktivists, and criminal proxies to amplify its digital dominance. The roots of this hybrid model trace back to the collapse of…

Read more →

The Sysdig TRT has uncovered critical vulnerabilities in the GitHub Actions workflows of several high-profile open source projects, including those maintained by MITRE and Splunk. GitHub Actions, a popular platform for automating CI/CD pipelines, offers immense flexibility for developers but…

Read more →