The Python Package Index (PyPI) has implemented new security measures to protect against domain resurrection attacks, a sophisticated supply-chain threat where attackers purchase expired domains to hijack user accounts through password reset mechanisms. Since early June 2025, the platform has…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Lockbit Linux ESXi Ransomware Variant Reveals Evasion Techniques and File Encryption Process
A recent reverse engineering analysis of a Lockbit ransomware variant targeting Linux-based ESXi servers has uncovered several sophisticated evasion techniques and operational details. The malware, first documented in 2022, employs the ptrace system call to detect debugging environments by attempting…
New Sni5Gect Attack Targets 5G to Steal Messages and Inject Payloads
Cybersecurity researchers at Singapore University of Technology and Design have unveiled a sophisticated new attack framework called SNI5GECT that can intercept 5G communications and inject malicious payloads without requiring a rogue base station. The research demonstrates significant vulnerabilities in the current 5G…
PipeMagic Malware Imitates ChatGPT App to Exploit Windows Vulnerability and Deploy Ransomware
The PipeMagic malware, which is credited to the financially motivated threat actor Storm-2460, is a remarkable illustration of how cyber dangers are always changing. It poses as the genuine open-source ChatGPT Desktop Application from GitHub. This sophisticated modular backdoor facilitates…
Malicious npm Packages Target Crypto Developers to Steal Login Credentials
A sophisticated threat campaign dubbed “Solana-Scan” has emerged, deploying malicious npm packages aimed at infiltrating the Solana cryptocurrency ecosystem. Identified by the Safety research team through advanced malicious package detection technology, this operation involves a threat actor operating under the…
CISA Alerts on Active Exploitation of Trend Micro Apex One Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Trend Micro Apex One vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning of active exploitation targeting the enterprise security platform. The vulnerability, tracked as CVE-2025-54948, affects the Trend…
Hackers Exploit Cisco Secure Links to Evade Scanners and Bypass Filters
Cybercriminals have discovered a sophisticated new attack vector that weaponizes Cisco’s security infrastructure against users, according to recent research from Raven AI. The company’s context-aware detection systems uncovered a credential phishing campaign that exploits Cisco Safe Links to evade traditional…
Intel Websites Compromised, Allowing Hackers Access to Employee and Confidential Data
A series of critical security flaws in Intel’s internal web infrastructure exposed the personal details of more than 270,000 employees and potentially provided attackers with access to sensitive corporate and supplier information. The discoveries highlight severe weaknesses across multiple Intel-owned…
Threat Actors Use Pirated Games to Bypass Microsoft Defender SmartScreen and Adblockers
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage pirated game downloads to distribute HijackLoader, a modular malware loader, effectively bypassing common defenses like adblockers and Microsoft Defender SmartScreen. Sites such as Dodi Repacks, often deemed “safe” on…
Blue Locker Ransomware Launches Targeted Attacks on the Oil and Gas Sector in Pakistan
Pakistan’s National Cyber Emergency Response Team (NCERT) has issued a high-alert advisory to 39 key ministries and institutions, warning of severe risks from the “Blue Locker” ransomware, which has compromised critical infrastructure including Pakistan Petroleum Limited (PPL) in the oil…
Threat Actors Exploit Microsoft Help Index File to Deploy PipeMagic Malware
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage a Microsoft Help Index File (.mshi) to deploy the PipeMagic backdoor, marking a notable evolution in malware delivery methods. This development ties into the exploitation of CVE-2025-29824, a zero-day…
Weaponized Python Package “termncolor” Uses Windows Run Key for Persistence
Cybersecurity experts discovered a complex supply chain attack that originated from the Python Package Index (PyPI) in a recent disclosure from Zscaler ThreatLabz. The package in question, termed “termncolor,” masquerades as a benign color utility for Python terminals but covertly…
Threat Actors Exploit Telegram as the Communication Channel to Exfiltrate Stolen Data
tLab Technologies, a Kazakhstan-based company that specializes in advanced threat prevention, discovered one of the first known phishing attempts in the region that targeted public sector clients in a recent cybersecurity incident. The attack leveraged a professionally crafted fake login…
Technical Details of SAP 0-Day Exploitation Script for RCE Revealed
Cybersecurity researchers have unveiled the inner workings of an exploit script targeting a critical zero-day vulnerability in SAP NetWeaver’s Visual Composer Metadata Uploader, now designated as CVE-2025–31324. This flaw stems from a missing authorization check on the HTTP endpoint /developmentserver/metadatauploader,…
Bragg Confirms Cyberattack, Internal IT Systems Breached
Bragg Gaming Group (NASDAQ: BRAG, TSX: BRAG), a prominent content and technology provider in the online gaming industry, has disclosed a cybersecurity incident that compromised its internal computer systems over the weekend. The company discovered the breach on August 16,…
Linux Kernel Netfilter Flaw Enables Privilege Escalation
A critical vulnerability in the Linux kernel’s netfilter subsystem has been discovered that allows local attackers to escalate privileges through an out-of-bounds write condition. The flaw, identified as CVE-2024-53141, affects the ipset bitmap functionality and could enable unprivileged users to gain…
DoJ Seizes $2.8M in Crypto from Zeppelin Ransomware Group
The Department of Justice has announced a significant victory against cybercriminals, seizing over $2.8 million in cryptocurrency and additional assets from a Zeppelin ransomware operation. The coordinated law enforcement action targeted Ianis Aleksandrovich Antropenko, who faces federal charges for his…
New Ghost-Tapping Attacks Target Apple Pay and Google Pay Users’ Linked Cards
Chinese-speaking cybercriminals are using ghost-tapping techniques to take advantage of Near Field Communication (NFC) relay tactics in a sophisticated evolution of payment card fraud. They are mainly targeting mobile payment services such as Apple Pay and Google Pay. This attack…
North Korean Hackers’ Secret Linux Malware Surfaces Online
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit tactics, compromised system details, and a sophisticated Linux rootkit. The dump, linked to a Chinese threat actor targeting South Korean…
The AI-Powered Trojan Horse Returns: How LLMs Revive Classic Cyber Threats
In an era where users rely on vigilance against shady websites and file hashing via platforms like VirusTotal, a new wave of trojan horses is challenging traditional defenses. These threats masquerade as legitimate desktop applications, such as recipe savers, AI-powered…