Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A critical security flaw in Langflow, a widely adopted Python-based AI prototyping framework, is being actively exploited by cybercriminals to deploy the rapidly evolving Flodrix botnet. Security researchers have confirmed that attackers are exploiting CVE-2025-3248, a remote code execution (RCE)…

Read more →

A sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500—the…

Read more →

The Washington Post confirmed late last week that its email systems were targeted in a cyberattack, resulting in the compromise of several journalists’ email accounts. “The Wall Street Journal, which first reported the breach, said it was potentially the work…

Read more →

The emergence of Katz Stealer, a sophisticated information-stealing malware-as-a-service (MaaS) that is redefining the boundaries of credential theft. First detected this year, Katz Stealer combines aggressive data exfiltration with advanced system fingerprinting, stealthy persistence mechanisms, and evasive loader tactics. Distributed…

Read more →

The JFrog Security Research team has uncovered a sophisticated malicious package named “chimera-sandbox-extensions” on the Python Package Index (PyPI), a widely used repository for Python software. Uploaded by a user identified as “chimerai,” this package was designed to exploit unsuspecting…

Read more →

Cybersecurity enthusiast Xavier shed light on a sophisticated method of hiding malicious payloads within seemingly innocuous JPEG images. This discovery has sparked significant interest in the infosec community, as it highlights the growing complexity of cyber threats leveraging steganography the…

Read more →

A targeted cyberattack has struck The Washington Post, compromising the email accounts of several of its journalists and raising new concerns about the digital security of newsrooms worldwide. The breach, discovered late last week, prompted an immediate and sweeping response…

Read more →

In a major international law enforcement operation dubbed “Operation Deep Sentinel,” authorities have successfully dismantled the notorious darknet marketplace “Archetyp Market,” one of the world’s largest and longest-running illegal trading platforms. The takedown marks a significant victory in the ongoing…

Read more →

Zoomcar Holdings, Inc., the prominent car-sharing platform, has confirmed a significant data breach that has compromised the personal information of approximately 8.4 million users. The incident, which was first detected on June 9, 2025, was disclosed in a recent filing…

Read more →

The HP Threat Research team discovered a sophisticated malware campaign in Q1 2025 that targets vacation planners by imitating Booking.com using phony travel websites. As detailed in the latest HP Wolf Security Threat Insights Report, attackers are leveraging users’ “click…

Read more →

Calgary-based WestJet Airlines, Canada’s second-largest carrier, is grappling with the fallout from a significant cybersecurity incident that has disrupted access to its mobile app and internal systems. The breach, first detected on June 13, has led to intermittent outages and…

Read more →

The BERT ransomware group, first detected in April 2025 but active since mid-March, has expanded its reach from targeting Windows environments to launching sophisticated attacks on Linux machines as of May 2025. Initially spotted through phishing campaigns, BERT has evolved…

Read more →

North Korean Advanced Persistent Threat (APT) hackers, specifically the Konni group, have shifted their focus to Ukrainian government agencies in a targeted phishing campaign aimed at stealing login credentials and distributing malware. This attack, observed in February 2025, marks a…

Read more →

Threat actors have exploited Discord’s invite system to distribute malicious links, ultimately delivering AsyncRAT and other harmful payloads. Discord, a widely trusted platform for gamers, developers, and communities, has become a target for cybercriminals who abuse its infrastructure particularly the…

Read more →

A new infrastructure linked to GrayAlpha, a cybercriminal entity overlapping with the notorious FIN7 group, has been exposed. This financially motivated threat actor, active since at least 2013, is known for its sophisticated attacks targeting retail, hospitality, and financial sectors.…

Read more →

A new and menacing player has emerged in the cybercrime landscape with the introduction of Anubis, a Ransomware-as-a-Service (RaaS) operation that blends traditional file encryption with a devastating file destruction capability. Active since December 2024, Anubis has quickly gained notoriety…

Read more →

Microsoft is set to enhance data security in Microsoft 365 by extending Purview Data Loss Prevention (DLP) controls to Copilot’s handling of sensitive email data. Starting January 1, 2025, Microsoft 365 Copilot will be prevented from processing emails that carry…

Read more →

A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store designed to steal users’ login credentials, specifically targeting cryptocurrency wallet holders. The campaign, identified by Cyble…

Read more →

A curious technique has emerged: hiding images inside DNS TXT records. This approach, which at first glance seems unorthodox, leverages the flexibility of DNS TXT records to store arbitrary data, including the binary data that makes up an image. The method…

Read more →

A critical security vulnerability has been identified in IBM’s Backup, Recovery, and Media Services (BRMS) for IBM i, potentially exposing enterprise environments to privilege escalation attacks. The flaw, tracked as CVE-2025-33108, affects versions 7.4 and 7.5 of the BRMS software,…

Read more →