A new open-source tool is bridging the gap between artificial intelligence and offensive security operations. GHOSTCREW is an advanced AI red team assistant that leverages Large Language Models (LLMs), Model Context Protocol (MCP), and Retrieval-Augmented Generation (RAG) to automate complex penetration…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
ProfileHound: Post-Escalation Tool Designed to Achieve Red Team Objectives
ProfileHound emerges as a specialized post-exploitation instrument for offensive security professionals seeking to identify high-value targets within Active Directory environments. The tool addresses a critical gap in red-team reconnaissance by enumerating domain user profiles stored on compromised machines, enabling operators…
Kimwolf Botnet Exploits 2 Million Devices to Build a Global Proxy Infrastructure
A massive new botnet dubbed “Kimwolf” has infected over 2 million devices globally, transforming innocent users’ home internet connections into secret proxy nodes for cybercriminals. According to a new report by security firm Synthient, the botnet has grown explosively by…
Attackers Leverage FortiWeb Vulnerabilities to Deploy Sliver C2 for Long-Term Access
Threat researchers have uncovered a sophisticated attack campaign targeting FortiWeb web application firewalls across multiple continents, with adversaries deploying the Sliver command-and-control framework to establish persistent access and establish covert proxy infrastructure. The discovery came from analyzing exposed Silver C2…
Hackers Steal $35M in Cryptocurrency Following LastPass Breach
Russian cybercriminals have laundered over $35 million in stolen cryptocurrency linked to the devastating 2022 LastPass breach, according to new forensic analysis by blockchain intelligence firm TRM Labs. The 2022 attack exposed encrypted password vaults belonging to roughly 30 million…
Finnish Authorities Arrest Two Sailors in Probe Into Undersea Cable Disruption
Finnish authorities have detained a cargo vessel suspected of damaging an undersea telecommunications cable connecting Helsinki to Estonia. The incident has raised fresh concerns about potential hybrid warfare targeting critical infrastructure in the Baltic Sea region. The vessel, named Fitburg,…
RondoDoX Botnet Abuses React2Shell Vulnerability for Malware Deployment
CloudSEK has uncovered a sustained nine-month campaign by the RondoDoX botnet operation, revealing rapid exploitation of emerging vulnerabilities including the critical React2Shell vulnerability. Analysis of exposed command-and-control logs spanning March through December 2025 demonstrates how threat actors swiftly adapted attack…
Cognizant Faces Multiple US Class-Action Lawsuits After TriZetto Data Breach
Cognizant Technology Solutions is facing a wave of legal challenges in the United States following a significant data breach at its subsidiary, TriZetto Provider Solutions (TPS). The IT services giant has been hit with at least three class-action lawsuits alleging…
Hacker Group Claims Responsibility for Alleged Tokyo FM Broadcasting Breach
A threat actor operating under the alias “victim” has claimed responsibility for a significant data breach targeting Tokyo FM Broadcasting Co., Ltd., a central radio broadcasting station in Japan. The alleged intrusion, which was observed on January 1, 2025, reportedly…
Google Tasks Feature Exploited in New Sophisticated Phishing Campaign
Over 3,000 organisations, predominantly in manufacturing, fell victim to a sophisticated phishing campaign in December 2025 that leveraged Google’s own application infrastructure to bypass enterprise email security controls. Attackers sent deceptive messages from noreply-application-integration@google.com, marking a critical shift in how threat…
Handala Hackers Breach Telegram Accounts Linked to Israeli Officials
In December 2025, the Iran-linked hacking group known as Handala escalated its influence operations against Israel’s political establishment by publishing material it claimed was pulled from the fully “compromised” mobile devices of two high-profile officials. A technical review by threat…
Careto Hacker Group Resurfaces After a Decade, Unleashing New Attack Techniques
The legendary Careto threat actor, also known as “The Mask,” has resurfaced after a decade-long disappearance, employing sophisticated new attack methods that demonstrate the group’s continued evolution and technical prowess. Kaspersky researchers unveiled these findings during the 34th Virus Bulletin…
Apache NuttX Flaw Allows Attackers to Crash Embedded Systems
The Apache Software Foundation has released a security advisory addressing a memory corruption vulnerability in the Apache NuttX Real-Time Operating System (RTOS). Tracked as CVE-2025-48769, this flaw affects widely used embedded systems and could allow attackers to destabilize devices or manipulate…
Malicious Manipulation of LLMs for Scalable Vulnerability Exploitation
A groundbreaking study from researchers at the University of Luxembourg reveals a critical security paradigm shift: large language models (LLMs) are being weaponized to automatically generate functional exploits from public vulnerability disclosures, effectively transforming novice attackers into capable threat actors.…
DarkSpectre Malware Campaign Hits Chrome, Edge, and Firefox Users
A sophisticated Chinese threat actor dubbed DarkSpectre has compromised 8.8 million users across Chrome, Edge, and Firefox through three distinct malware campaigns that have operated undetected for over seven years, researchers revealed today. The operation represents one of the most…
NeuroSploit v2 Launches as AI-Powered Penetration Testing Framework
NeuroSploit v2 is an advanced AI-powered penetration testing framework designed to automate and enhance offensive security operations. Leveraging cutting-edge large language model (LLM) technology, the framework brings automation to vulnerability assessment, threat simulation, and security analysis workflows. NeuroSploit v2 represents…
New Cybercrime Tool “ErrTraffic” Enables Automated ClickFix Attacks
The cybercriminal underground has entered a new phase of industrialization. Hudson Rock researchers have uncovered ErrTraffic v2, a sophisticated ClickFix-as-a-Service platform that commoditizes deceptive social engineering at an unprecedented scale. Priced at just $800 and advertised on top-tier Russian cybercrime…
GlassWorm Malware Turns VS Code Extensions into an Attack Vector Against macOS
GlassWorm has returned with a dangerous new evolution. The notorious self-propagating malware, which first surfaced in October as an invisible Unicode-based threat in VS Code extensions, has completed a significant platform pivot to macOS with 50,000 downloads and a fully…
New Open-Source C2 Framework AdaptixC2 Debuts With Improved Stability and Speed
The open-source community has received a major update with the release of AdaptixC2 Version 1.0. This new version brings significant enhancements to the Command and Control (C2) framework, with a focus on network stability, user interface (UI) performance, and operational…
New AI-Enhanced Crypter Promoted as Capable of Evading Windows Defender
Cybersecurity researchers have spotted a new high-sophistication malware loader being advertised on dark web forums, marketed as a commercial solution for evading modern endpoint protection. The tool, dubbed InternalWhisper x ImpactSolutions, is being promoted by a threat actor known as “ImpactSolutions.”…