The AhnLab Security Intelligence Center (ASEC) has uncovered fresh instances of proxyware distribution by threat actors leveraging deceptive advertising on freeware sites. Building on prior reports, such as the “DigitalPulse Proxyware Being Distributed Through Ad Pages” analysis, this campaign continues…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Xerox FreeFlow Core Vulnerability Allows Remote Code Execution — PoC Now Public
Security researchers have disclosed critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code on vulnerable systems. The proof-of-concept exploits are now publicly available, raising immediate concerns for organizations using the popular print orchestration platform.…
Critical WordPress Plugin Vulnerability Puts 70,000+ Sites at Risk of Remote Code Execution
A severe security vulnerability has been discovered in a popular WordPress plugin used by over 70,000 websites worldwide, potentially exposing them to complete takeover by malicious actors. The vulnerability, tracked as CVE-2025-7384, affects the “Database for Contact Form 7, WPforms,…
CISA Alerts on N-able N-Central Deserialization and Injection Flaw Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding two critical vulnerabilities in N-able N-Central that are currently being actively exploited, prompting immediate action from organizations using this remote monitoring and management platform. These vulnerabilities, identified as…
Infamous XZ Backdoor Found Hidden in Docker Images for Over a Year
Security researchers at Binarly have discovered that the sophisticated supply chain hack still exists in publicly accessible Docker images on Docker Hub, more than a year after the startling revelation of the XZ Utils backdoor in March 2024. The backdoor,…
Emerging AI-Driven Phishing Trends Reshape Cybercrime Tactics
Artificial intelligence (AI) in advances and adaptive social engineering techniques have led to a significant revolution in phishing and scams within the continually changing realm of cybercrime. Cybercriminals are leveraging neural networks and large language models (LLMs) to craft hyper-realistic…
Google’s Android pKVM Framework Achieves SESIP Level 5 Certification
Google has revealed that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework (AVF), has achieved SESIP Level 5 certification, marking a major breakthrough for open-source security and consumer electronics. This milestone positions pKVM as the inaugural software…
Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products
Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array of products, including key creative tools and enterprise solutions. These patches primarily focus on out-of-bounds read and write issues, use-after-free…
10 Best Purple Teaming Companies in 2025
The landscape of cybersecurity in mid-2025 is undergoing a profound transformation. As threats become more sophisticated and persistent, organizations are realizing that siloed security teams are no longer sufficient. In response, many are turning to Purple Teaming Services to foster…
SmartLoader Malware Masquerades as Legitimate GitHub Repository to Infect Users
AhnLab Security Intelligence Center (ASEC) has uncovered a sophisticated campaign involving the massive dissemination of SmartLoader malware through GitHub repositories designed to mimic legitimate software projects. These repositories target users searching for popular illicit content such as game cheats, software…
Hackers Deploy Dedicated Phishlet for FIDO Authentication Downgrade Attacks
Proofpoint researchers have uncovered a novel technique allowing threat actors to bypass FIDO-based authentication through downgrade attacks, leveraging a custom phishlet within adversary-in-the-middle (AiTM) frameworks. This method exploits gaps in browser compatibility and user agent handling, forcing victims to revert…
ShinyHunters May Have Teamed Up With Scattered Spider in Salesforce Attack Campaigns
The financially motivated threat group ShinyHunters has returned with a sophisticated series of attacks targeting Salesforce instances across high-profile enterprises in industries like retail, aviation, and insurance, after a year of relative quiet following member arrests in June 2024. ReliaQuest’s…
Web DDoS and App Exploitation Attacks Surge in First Half of 2025
Radware’s monitoring showed a 39% increase in Web DDoS attacks compared to the second half of 2024, culminating in a record 54% quarter-over-quarter increase in Q2, indicating a dramatic escalation of cyber threats during the first half of 2025. This…
Multiple GitLab Vulnerabilities Allow Account Takeover and Stored XSS Attacks
GitLab has released critical security patches addressing multiple high-severity vulnerabilities that could enable attackers to execute account takeovers and stored cross-site scripting (XSS) attacks across both Community Edition (CE) and Enterprise Edition (EE) platforms. The vulnerabilities, disclosed in patch releases…
VexTrio Hackers Use Fake CAPTCHAs and Malicious Apps on Google Play & App Store to Target Users
Security researchers at Infoblox Threat Intel have revealed the complex workings of VexTrio, a highly skilled cybercriminal network that has been active since at least 2017. This discovery highlights the ongoing dangers in the digital economy. Formerly known simply as…
Microsoft Office Vulnerabilities Allow Attackers to Execute Remote Code
Microsoft has disclosed three critical security vulnerabilities in its Office suite that could enable attackers to execute malicious code remotely on affected systems. The vulnerabilities, identified as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, were released on August 12, 2025, and pose significant…
‘Curly COMrades’ APT Hackers Target Critical Organizations Across Multiple Countries
Bitdefender Labs has identified a sophisticated advanced persistent threat (APT) group dubbed “Curly COMrades,” active since mid-2024, targeting critical infrastructure in geopolitically sensitive regions. This Russian-aligned actor has focused on judicial and government entities in Georgia, alongside an energy distribution…
Windows Remote Desktop Services Flaw Allows Network-Based Denial-of-Service Attacks
Microsoft disclosed a critical vulnerability in Windows Remote Desktop Services on August 12, 2025, that enables attackers to launch denial-of-service attacks remotely without requiring authentication or user interaction. The flaw, tracked as CVE-2025-53722, has been assigned an “Important” severity rating…
Microsoft Exchange Server Flaws Allow Network-Based Spoofing and Data Tampering
Microsoft has disclosed critical security vulnerabilities in Exchange Server that could enable attackers to conduct network-based spoofing attacks and tamper with sensitive data, according to security bulletins released on August 12, 2025. The vulnerabilities, identified as CVE-2025-25007 and CVE-2025-25005, pose…
GitHub Copilot RCE Vulnerability via Prompt Injection Enables Full System Compromise
A critical security vulnerability in GitHub Copilot has been disclosed, allowing attackers to achieve remote code execution and complete system compromise through sophisticated prompt injection techniques. The vulnerability, tracked as CVE-2025-53773, was patched by Microsoft in the August 2025 Patch…