A sophisticated malware operation that combines multiple attack vectors to steal cryptocurrency and deliver additional malicious payloads to Windows systems. A recently discovered TinyLoader malware campaign is actively targeting Windows users through a multi-pronged attack strategy involving network share exploitation,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Cloudflare Confirms Data Breach – Customer Data Exposed via Salesforce Attack
Cloudflare has disclosed a significant data breach affecting customer information following a sophisticated supply chain attack targeting its Salesforce integration with Salesloft Drift. The incident, which occurred between August 12-17, 2025, resulted in the exposure of customer support case data…
Top 10 Best API Penetration Companies In 2025
Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of modern applications and a prime target for attackers. API penetration testing is no longer an optional check; it’s a necessity for finding business logic flaws,…
ESPHome Vulnerability Allows Unauthorized Access to Smart Devices
A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to access and control smart devices without any valid credentials. Discovered and reported by security researcher jesserockz, the vulnerability (CVE-2025-57808) undermines…
Palo Alto Networks Confirms Data Breach via Compromised Salesforce Instances
Cybersecurity vendor Palo Alto Networks disclosed that its Salesforce environment was breached through a compromised Salesloft Drift integration, marking the latest in a series of supply chain attacks targeting customer relationship management platforms. According to a statement from Palo Alto…
OneDrive Phishing Attack Targets Corporate Executives for Credential Theft
A newly discovered spearphishing campaign is targeting executives and senior leadership across multiple industries by exploiting trusted OneDrive document‐sharing notifications. The Stripe OLT SOC has identified this sophisticated attack, which leverages highly tailored emails to impersonate internal HR communications and…
Google Dismiss Reports of Major Gmail Security Alert
Google has firmly rejected widespread reports suggesting it issued a global security alert to its 2.5 billion Gmail users, calling such claims “entirely false”. The tech giant moved swiftly to clarify the situation after viral headlines sparked unnecessary panic among…
Mapping the Web of Commercial Spyware: Targets and Attack Chains
A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs), exposing the methods these private firms employ to infiltrate devices, their typical targets, and the infection chains that deliver their covert implants. The…
Massive 11.5 Tbps UDP Flood DDoS Attack Originated From Google Cloud
Cloudflare disclosed that its automated defenses intercepted and neutralized a record-shattering Distributed Denial-of-Service (DDoS) assault peaking at 11.5 terabits per second (Tbps). The attack, characterized as a hyper-volumetric UDP flood, lasted just 35 seconds but set a new industry high…
Iran-Nexus Hackers Exploit Omani Mailbox to Target Governments
A sophisticated spear-phishing campaign that exploited a compromised mailbox belonging to the Ministry of Foreign Affairs of Oman. The operation, attributed to an Iranian-aligned group known as Homeland Justice and linked to Iran’s Ministry of Intelligence and Security (MOIS), masqueraded…
Threat Hunting Guide Designed for SOC Analysts and MSSPs
Proactive threat hunting has become an essential discipline for Security Operations Center (SOC) analysts and Managed Security Service Providers (MSSPs). Traditional detection methods often miss novel or sophisticated adversarial techniques, making it critical for security teams to leverage advanced tools…
Prompt Injection Attacks Can Exploit AI-Powered Cybersecurity Tools
Researchers have demonstrated that advanced prompt injection techniques can turn defensive AI agents into potent vectors for system compromise. The findings, detailed in a new preprint titled “Cybersecurity AI: Hacking the AI Hackers via Prompt Injection,” expose a fundamental architectural…
Ukrainian Hackers Ramp Up Brute-Force and Password-Spraying Attacks on VPN and RDP Systems
In mid-2025, a coalition of Ukraine-based autonomous systems orchestrated unprecedented brute-force and password-spraying campaigns against exposed SSL VPN and Remote Desktop Protocol (RDP) services, overwhelming security defenses and highlighting the growing sophistication of state-linked cyber-infrastructure. Over a concentrated three-day period…
MobSF Vulnerability Allows Attackers to Upload Malicious Files
Critical security flaws discovered in Mobile Security Framework (MobSF) version 4.4.0 enable authenticated attackers to exploit path traversal and arbitrary file write vulnerabilities, potentially compromising system integrity and exposing sensitive data. Two significant vulnerabilities have been identified in the popular…
Microsoft to Retire Popular Editor Extensions on Edge and Chrome
Microsoft announced that its AI-powered Editor browser extensions for Microsoft Edge and Google Chrome will be retired effective October 31, 2025. With this move, the company aims to streamline its writing-assistance offerings by integrating the core capabilities of Microsoft Editor…
New WhatsApp Scam Poses Serious Risk: Hackers Can Hijack Your Chats
Users of the popular messaging app WhatsApp are being targeted by a new, highly deceptive scam that grants attackers full access to victims’ contacts, chat history, and media files. Cybercriminals are exploiting the app’s device linking feature to hijack accounts,…
HashiCorp Vault Vulnerability Allows Attackers to Crash Servers
A critical vulnerability in HashiCorp Vault—tracked as CVE-2025-6203 and HCSEC-2025-24—has been disclosed that allows malicious actors to submit specially crafted payloads capable of exhausting server resources and rendering Vault instances unresponsive. The flaw affects both Vault Community and Enterprise editions,…
Threat Actors Exploit Windows Search in AnyDesk ClickFix Attack to Spread MetaStealer
In a novel twist on the year-long trend of ClickFix scams, threat actors have blended human-verification social engineering with the Windows search protocol to deliver MetaStealer, a commodity infostealer notorious for harvesting credentials and exfiltrating sensitive files. While the attack…
Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps
Exposing an ASP.NET Core appsettings.json file containing Azure Active Directory (Azure AD) credentials poses a critical attack vector, effectively handing adversaries the keys to an organization’s cloud environment. During a recent cybersecurity assessment by Resecurity’s HUNTER Team, researchers discovered that a…
Lazarus Hackers Exploit 0-Day to Deploy Three Remote Access Trojans
Over the past two years, Fox-IT and NCC Group have tracked a sophisticated Lazarus subgroup targeting financial and cryptocurrency firms. This actor overlaps with AppleJeus, Citrine Sleet, UNC4736 and Gleaming Pisces campaigns and leverages three distinct remote access trojans (RATs)—PondRAT,…