Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A coordinated operation by Europol, the FBI, Microsoft, and other public and private sector partners targeted the Lumma infostealer, a prolific malware distributed via a malware-as-a-service (MaaS) model. Known for stealing credentials and being a tool of choice for notorious…

Read more →

Aembit, the workload identity and access management (IAM) company, today announced its inclusion in Rising in Cyber 2025, an independent list launched by Notable Capital to spotlight the 30 most promising cybersecurity startups shaping the future of security. Unlike traditional rankings,…

Read more →

LayerX, a cybersecurity firm, has uncovered a sophisticated network of malicious browser extensions, dubbed “sleeper agents,” that are currently installed on nearly 1.5 million devices worldwide. These extensions, masquerading as legitimate in-browser sound management tools, are built on a shared…

Read more →

Authentication coercion remains a potent attack vector in Windows environments, enabling attackers with even low-privileged domain accounts to force targeted systems, often high-value servers or domain controllers, to authenticate to attacker-controlled hosts. This technique is closely tied to NTLM and…

Read more →

Forescout Research Vedere Labs has uncovered that nearly 35,000 solar power devices, including inverters, data loggers, and gateways from 42 vendors, are exposed on the internet with vulnerable management interfaces. Identified using the Shodan search engine, these devices represent a…

Read more →

The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues. Disguised as invitations to an academic forum hosted by a South Korean national security think tank,…

Read more →

Cybersecurity experts from Positive Technologies’ Security Expert Center have uncovered a sophisticated malicious campaign dubbed “Phantom Enigma,” primarily targeting Brazilian residents while also affecting organizations worldwide. This campaign employs a dual-attack strategy, utilizing malicious browser extensions for Google Chrome, Microsoft…

Read more →

The Wireshark Foundation has officially launched the Wireshark Certified Analyst (WCA-101) certification, marking a significant milestone for IT professionals and network engineers worldwide. Designed by Wireshark’s developers and leading protocol experts, the WCA-101 exam is tailored to validate advanced proficiency…

Read more →

IBM has issued a security bulletin highlighting multiple vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. The flaws, which range from medium to critical severity, could enable attackers to compromise sensitive data, execute arbitrary code, or…

Read more →

The Mobile Threat Intelligence (MTI) team identified a formidable new player in the mobile malware landscape: Crocodilus, an Android banking Trojan designed for device takeover. Initially observed in test campaigns with limited live instances, this malware has rapidly evolved, demonstrating…

Read more →

Threat actors have been found exploiting the ubiquitous “Prove You Are Human” verification systems to distribute malicious software. Specifically, this campaign leverages spoofed websites mimicking legitimate platforms like Gitcodes and DocuSign to deceive users into executing harmful PowerShell scripts on…

Read more →

On May 15, 2025, Coinbase, the largest U.S. cryptocurrency exchange, publicly disclosed a major security breach that exposed the sensitive personal data of 69,461 users—less than 1% of its monthly transacting base, but a significant figure given the depth of…

Read more →

The modern digital estate is under siege. Over the past 18 months, Microsoft’s threat protection teams have tracked a staggering 275% increase in ransomware encounters, with attackers shifting from broad, random attacks to highly targeted, multi-domain campaigns that exploit unique…

Read more →

Researchers have unearthed a sophisticated supply chain attack targeting Ruby Gems, a popular package manager for the Ruby programming language. Malicious actors have infiltrated the ecosystem by embedding backdoors in seemingly legitimate gems, enabling them to steal sensitive Telegram tokens…

Read more →

Active Directory (AD) Group Policy Objects (GPOs) are a cornerstone of centralized management for Windows environments, enabling administrators to configure operating systems, applications, and user settings across all domain-connected machines. The real work of applying these policies on client machines…

Read more →

Beijing, China, June 4th, 2025, CyberNewsWire After nearly a year of research and evaluation, Gartner released the first “Magic Quadrant for Network Detection and Response” report on May 29, ThreatBook became the only Chinese company selected. As enterprises accelerate their…

Read more →

Beijing, China, June 4th, 2025, CyberNewsWire After nearly a year of research and evaluation, Gartner released the first “Magic Quadrant for Network Detection and Response” report on May 29, ThreatBook became the only Chinese company selected. As enterprises accelerate their…

Read more →

Since 2016, the “DollyWay World Domination” campaign has quietly compromised more than 20,000 WordPress websites worldwide, exploiting vulnerabilities in plugins and themes to redirect visitors to malicious destinations.  The operation’s name comes from a telltale code string found in infected…

Read more →

A new and insidious threat has surfaced in the cybersecurity landscape as Darktrace’s Threat Research team uncovers PumaBot, a Go-based Linux botnet meticulously designed to exploit embedded Internet of Things (IoT) devices. Unlike conventional botnets that cast a wide net…

Read more →

A pro-Ukrainian hacktivist group known as BO Team, also operating under aliases such as Black Owl, Lifting Zmiy, and Hoody Hyena, has emerged as a formidable threat to Russian organizations in 2025. This group, which publicly declared its intentions via…

Read more →