On May 30, 2025, CERT Polska coordinated the public disclosure of three significant security vulnerabilities affecting preinstalled Android applications on smartphones from Ulefone and Krüger&Matz. These flaws, tracked as CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917, expose users to risks ranging from unauthorized…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
IBM DataStage Bug Exposes Database Credentials in Plain Tex
A recently disclosed vulnerability in IBM InfoSphere DataStage, tracked as CVE-2025-1499, has raised concerns across the enterprise data management sector. The flaw centers on the cleartext storage of sensitive credential information, potentially exposing database authentication details to authenticated users. Below,…
Critical MediaTek Flaws Allow Hackers to Gain Elevated Access with No User Input
MediaTek has published its latest Product Security Bulletin, revealing several security vulnerabilities affecting a wide range of its chipsets used in smartphones, tablets, AIoT devices, smart displays, smart platforms, OTT devices, computer vision systems, audio equipment, and TVs. Device OEMs…
HuluCaptcha: Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
Security researchers have identified a sophisticated phishing campaign leveraging a fake CAPTCHA verification system dubbed “HuluCaptcha” that covertly executes malicious code through the Windows Run command. The attack chain begins with seemingly legitimate CAPTCHA challenges that, upon interaction, trigger script…
Realtek Bluetooth Driver Flaw Allows Attackers to Delete Any File on Windows Systems
A high-severity security vulnerability has been identified in the Realtek Bluetooth Host Controller Interface (HCI) Adaptor, raising significant concerns for device manufacturers and end-users. The flaw, tracked as CVE-2024-11857, was disclosed on June 2, 2025, and published in both the…
Hackers Weaponize Free SSH Client PuTTY to Deliver Malware on Windows
OpenSSH has become a standard tool for secure remote management on both Linux and Windows systems. Since its inclusion as a default component in Windows 10 version 1803, attackers have increasingly exploited its presence, leveraging it as a “Living Off…
New PyPI Supply Chain Attacks Target Python and NPM Users on Windows and Linux
Checkmarx Zero researcher Ariel Harush has uncovered a sophisticated malicious package campaign targeting Python and NPM users across Windows and Linux platforms through typo-squatting and name-confusion attacks against popular packages. This coordinated supply chain attack demonstrates unprecedented cross-ecosystem tactics and…
Haozi’s Plug-and-Play Phishing Attack Steals Over $280,000 From Users
Netcraft security researchers have identified a significant resurgence of the Chinese-language Haozi Phishing-as-a-Service (PhaaS) operation, distinguished by its cartoon mouse mascot and frictionless cybercrime toolkit. The group’s cryptocurrency wallet has processed over $280,000, with substantial recent withdrawals, while thousands of…
CISO Roles Take on Strategic Security Leadership Roles Beyond Cybersecurity as Organizations
A comprehensive analysis of over 800 Chief Information Security Officers reveals a fundamental transformation in the cybersecurity leadership landscape, with CISOs increasingly assuming strategic business responsibilities that extend far beyond traditional information security functions. The fifth annual CISO Compensation and…
Over 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API Endpoint
CloudSEK’s BeVigil platform has uncovered a critical security vulnerability affecting an aviation giant, where an exposed JavaScript file containing an unauthenticated API endpoint led to unauthorized access to Microsoft Graph tokens with elevated privileges. This security lapse resulted in the…
Critical Denodo Scheduler Flaw Allows Remote Code Execution by Attackers
Denodo, a provider of logical data management software, recently faced a critical security vulnerability in its Denodo Scheduler product. This vulnerability, tracked as CVE-2025-26147, allows authenticated users to perform remote code execution (RCE) on affected systems, posing significant risks to…
Active Exploits Detected Targeting Critical vBulletin Vulnerability
Two critical vulnerabilities—CVE-2025-48827 and CVE-2025-48828—have been assigned to vBulletin, the widely used PHP/MySQL forum software, following public disclosure and observed exploitation in the wild. The flaws, affecting vBulletin versions 5.0.0 through 6.0.3, enable unauthenticated attackers to achieve Remote Code Execution…
New Study Reveals Vulnerable Code Pattern Putting GitHub Projects at Risk of Path Traversal Attacks
A comprehensive research study has identified a widespread path traversal vulnerability (CWE-22) affecting 1,756 open-source GitHub projects, some of which are highly influential in the software ecosystem. The vulnerability, present in a commonly used Node.js code pattern for creating static…
Critical Roundcube Flaw Allows Remote Code Execution by Attackers
Roundcube Webmail, one of the most widely used browser-based IMAP clients, has released urgent security updates for its 1.6 and 1.5 LTS versions. The newly published versions, 1.6.11 and 1.5.10, address a critical post-authentication remote code execution (RCE) vulnerability stemming…
Severe Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System Takeover
Two severe cybersecurity vulnerabilities have been disclosed in the Consilium Safety CS5000 Fire Panel, a widely deployed industrial control system integral to fire safety across sectors like commercial facilities, healthcare, transportation, and government services. The U.S. Cybersecurity and Infrastructure Security…
MITRE Releases Roadmap for Transition to Post-Quantum Cryptography
The nonprofit research organization MITRE has unveiled a comprehensive roadmap designed to guide organizations through the critical transition from current cryptographic standards to quantum-resistant algorithms. This strategic framework addresses the emerging threat posed by quantum computing capabilities to existing public-key…
New Linux Security Bugs Could Expose Password Hashes Across Millions of Devices
The Qualys Threat Research Unit (TRU) has disclosed two significant local information disclosure vulnerabilities—CVE-2025-5054 and CVE-2025-4598—impacting the core-dump handlers Apport and systemd-coredump on millions of Linux systems. These race-condition vulnerabilities could enable local attackers to extract highly sensitive data, including…
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers can exploit lesser-known billing roles to escalate privileges within organizational tenants. This sophisticated attack vector leverages the ability of guest…
Threat Actors Exploit Google Apps Script to Host Phishing Sites
The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development platform within Google’s ecosystem to host deceptive phishing pages. This attack, masquerading as an invoice email, exploits the inherent trust…
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as “Dadsec.” Since September 2023, this group has been leveraging a Phishing-as-a-Service (PhaaS) platform called Tycoon2FA to target…