As part of the ongoing analysis of the KorPlug malware family, this second installment focuses on the complex second-stage payload, expanding on earlier discoveries of DLL side-loading methods that use legitimate programs to execute code initially. The payload, a malicious…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Chinese Hacker Sentenced for Kill Switch Attack on Ohio Firm’s Global Network
A federal court has handed down a four-year prison term to a former software developer who sabotaged his employer’s global network with a custom “kill switch,” crippling operations and inflicting hundreds of thousands in losses. Davis Lu, 55, a Chinese…
New macOS Installer Boasts Lightning-Fast Data Theft, Marketed on Dark Web
A novel macOS infostealer malware, designated as Mac.c, has emerged as a formidable contender in the underground malware-as-a-service (MaaS) ecosystem. Developed openly by a threat actor operating under the pseudonym “mentalpositive,” Mac.c represents a streamlined derivative of the notorious Atomic…
Hackers Exploit SendGrid to Steal User Login Credentials in Latest Attack
Cybersecurity researchers at the Cofense Phishing Defense Center (PDC) have uncovered a fresh surge in credential harvesting attacks that leverage the reputable cloud-based email service SendGrid to distribute phishing emails. Attackers are exploiting SendGrid’s trusted status, commonly used for transactional…
NIST Releases Lightweight Cryptography Standard for IoT Security
The National Institute of Standards and Technology (NIST) has formally published Special Publication 800-232, “Ascon-Based Lightweight Cryptography Standards for Constrained Devices,” establishing the first U.S. government benchmark for efficient cryptographic algorithms tailored to resource-constrained environments such as the Internet of…
Hackers Steal Windows Secrets and Credentials Undetected by EDR Detection
A cybersecurity researcher has unveiled a sophisticated new method for extracting Windows credentials and secrets that successfully evades detection by most Endpoint Detection and Response (EDR) solutions currently deployed in enterprise environments. The technique, dubbed “Silent Harvest,” leverages obscure Windows…
Happy Birthday Linux! 34 Years of Open-Source Power
August 25, 2025, marks the 34th anniversary of Linux, a project that began as a modest hobby and has grown into the bedrock of modern digital infrastructure. On this day in 1991, 21-year-old Finnish student Linus Torvalds posted to the…
Microsoft Copilot Agent Policy Flaw Lets Any User Access AI Agents
Microsoft has disclosed a critical flaw in its Copilot agents’ governance framework that allows any authenticated user to access and interact with AI agents within an organization—bypassing intended policy controls and exposing sensitive operations to unauthorized actors. At the core…
PoC Exploit and Technical Analysis Published for Apple 0-Day RCE Vulnerability
A critical zero-click remote code execution vulnerability in Apple’s iOS has been disclosed with a working proof-of-concept exploit, marking another significant security flaw in the company’s image processing capabilities. The vulnerability, tracked as CVE-2025-43300, affects Apple’s implementation of JPEG Lossless Decompression…
Critical Tableau Server Flaws Allows Malicious File Uploads
Salesforce has addressed multiple critical security vulnerabilities in Tableau Server and Desktop that could enable attackers to upload malicious files and execute arbitrary code. The vulnerabilities, disclosed on August 22, 2025, were proactively identified during a security assessment and patched…
10 Best Endpoint Detection And Response (EDR) Companies in 2025
In 2025, the endpoint remains the primary battleground for cyber attackers, making the implementation of EDR solutions a critical necessity for robust cybersecurity defenses. Laptops, desktops, servers, mobile devices, and cloud workloads are critical entry points and data repositories, making…
10 Best Incident Response Companies To Handle Data Breaches in 2025
Data breaches, encompassing everything from unauthorized access and data exfiltration to ransomware-induced data destruction, pose severe threats to an organization’s financial stability, reputation, and customer trust. The immediate aftermath of a breach is a chaotic and high-stakes environment where every…
10 Best Endpoint Protection Solutions for MSP/MSSPs in 2025
Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) are the guardians of cybersecurity for a vast and diverse clientele. In 2025, their role is more critical than ever as businesses of all sizes face an increasingly sophisticated and…
10 Best Web Content Filtering Solutions 2025
In the modern digital landscape, web content filtering is a fundamental component of cybersecurity and network management. A web content filtering solution is a technology that controls and monitors the web pages, URLs, and IP addresses that users can access.…
10 Best Network Monitoring Tools in 2025
The digital landscape in 2025 is more complex than ever, with organizations relying on intricate hybrid, cloud, and on-premises networks to power their operations. Network monitoring tools have become indispensable for IT teams to maintain network health, security, and performance.…
Agentic AI vs SOAR: What’s the Real Difference?
By now, you’ve heard the hype. Agentic AI; self-directed and goal-oriented. Supposedly, the next big thing in security automation. If you’re working in a Security Operations Center (SOC), it might sound like déjà vu. Agentic AI brings autonomous, decision-making security agents…
Hackers Hijack VPS Servers to Breach Software-as-a-Service Accounts
Virtual Private Servers (VPS) have long served as versatile tools for developers and businesses, offering dedicated resources on shared physical hardware with enhanced control and scalability. However, threat actors are increasingly exploiting these platforms to orchestrate stealthy attacks against Software-as-a-Service…
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised websites to funnel traffic toward malicious scams. This operation supplies affiliates with PHP code templates that…
Lumma Operators Deploy Cutting-Edge Evasion Tools to Maintain Stealth and Persistence
Lumma infostealer affiliates’ complex operating framework was revealed by Insikt Group in a ground-breaking report published on August 22, 2025, underscoring their reliance on cutting-edge evasion technologies to support cybercrime operations. The Lumma malware, a prominent malware-as-a-service (MaaS) platform since…
BQTLOCK Ransomware-as-a-Service Emerges, Boasting Sophisticated Evasion Tactics
Ransomware-as-a-Service (RaaS) models continue to democratize sophisticated attacks in the ever-changing world of cybercrime by allowing affiliates with little technical know-how to distribute ransomware through profit-sharing or subscription models. A newly identified strain, BQTLock, has emerged since mid-July 2025, operating…