A critical vulnerability discovered across numerous HTTP/2 implementations has exposed a dangerous protocol-level vulnerability that enables threat actors to orchestrate potent denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. Tracked as CVE-2025-8671 and colloquially known as “MadeYouReset,” this vulnerability exploits a…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
AI Browsers That Beat Paywalls by Imitating Humans
The emergence of AI-powered browsers represents a significant shift in how artificial intelligence interacts with web content. However, it has also introduced unprecedented challenges for digital publishers and content creators. Last week, OpenAI released Atlas, joining a growing wave of…
Critical Bug in Midnight Ransomware Tool Unlocks File Recovery
In the ever-evolving landscape of cyber threats, a new ransomware strain, Midnight, has emerged, echoing the notorious tactics of its predecessor, Babuk. First detected by Gen researchers, Midnight blends familiar ransomware mechanics with novel cryptographic modifications—some of which unintentionally open…
Cisco Confirms Active Exploitation of Secure ASA and FTD RCE Vulnerability
Cisco has issued a critical warning about ongoing attacks targeting a severe remote code execution vulnerability affecting its Secure Firewall, Adaptive Security Appliance, and Threat Defense Software. The company updated its security advisory on November 5, 2025, revealing that threat…
Iranian Hackers Exploit RMM Tools to Target Academics and Foreign-Policy Experts
Proofpoint Threat Research has identified a previously unknown Iranian threat actor, dubbed UNK_SmudgedSerpent, that conducted sophisticated phishing campaigns against academics and foreign policy experts between June and August 2025. The group employed credential harvesting techniques, sophisticated social engineering, and remote…
Threat Actors Exploit VS Code Extensions for Ransomware via GitHub C2
Security researchers have uncovered a sophisticated attack campaign attributed to Kimsuky, the North Korean-backed threat group known for conducting espionage operations against government entities and think tanks. Recent analysis reveals that threat actors are leveraging Visual Studio Code extensions and…
Airstalk Malware Exploits AirWatch MDM for Covert C2 Communication
Security researchers have identified a sophisticated new malware family, Airstalk, that exploits VMware’s AirWatch API—now known as Workspace ONE Unified Endpoint Management—to establish covert command-and-control channels. The discovery represents a significant threat to evolution, with both PowerShell and .NET variants…
Cisco UCCX Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code
Cisco has issued a critical security advisory addressing two severe vulnerabilities in its Unified Contact Center Express (CCX) platform that could enable remote attackers to execute arbitrary commands and gain unauthorized system access. The vulnerabilities, published on November 5, 2025,…
Checkpoint Analysis: Dissecting the $128M Balancer Pool Drain in Under 30 Minutes
In the early hours of November 3, 2025, Check Point Research’s blockchain threat monitoring systems flagged a suspicious pattern on the Ethereum mainnet. The alert stemmed from Balancer V2’s Vault contract, which soon revealed one of the most devastating DeFi…
Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits. The security releases for Django 5.2.8, 5.1.14, and 4.2.26 were published on November 5, 2025, in…
ValleyRAT Campaign Targets Windows via WeChat and DingTalk
A sophisticated Windows remote-access trojan known as ValleyRAT has emerged as a high-confidence indicator of targeted intrusions against Chinese-language users and organizations. ValleyRAT’s operational model relies on a carefully orchestrated delivery chain comprising four distinct components: the downloader, loader, injector,…
Authorities Dismantle Large-Scale Credit Card Fraud Scheme Affecting 4.3 Million Users
Authorities across nine countries executed a coordinated crackdown on one of the largest credit card fraud networks ever dismantled. Operation Chargeback, led by German prosecutors and the Bundeskriminalamt, brought down criminal organizations responsible for defrauding over 4.3 million cardholders globally.…
EndClient RAT Leverages Compromised Code-Signing to Slip Past Antivirus
A sophisticated Remote Access Trojan (RAT) is actively targeting North Korean Human Rights Defenders (HRDs) through a campaign leveraging stolen code-signing certificates to evade antivirus detection. The newly discovered “EndClient RAT,” delivered via a malicious Microsoft Installer package disguised as…
Google Warns of PROMPTFLUX Malware That Uses Gemini API for Self-Rewriting Attacks
Cybersecurity researchers at Google Threat Intelligence Group (GTIG) have identified a significant shift in how threat actors are leveraging artificial intelligence in their operations. The discovery of experimental malware called PROMPTFLUX marks a watershed moment in cyber threats, demonstrating that…
Google Issues Emergency Chrome Update to Fix Critical RCE Flaw
Google has released an emergency security update for Chrome across all platforms, rolling out version 142.0.7444.134 and 142.0.7444.135 to address five critical and medium-severity vulnerabilities. The update addresses urgent security concerns identified in the browser’s WebGPU implementation and other core…
Hyundai AutoEver Confirms Data Breach Exposing Personal Data, Including SSNs and License Info
Hyundai AutoEver America, LLC has formally confirmed a significant data breach that compromised sensitive customer information. The automotive software provider disclosed the incident through official breach notification letters sent to affected individuals, revealing that attackers gained unauthorized access to names,…
HackedGPT: New Vulnerabilities in GPT Models Allow Attackers to Launch 0-Click Attacks
Cybersecurity researchers at Tenable have uncovered a series of critical vulnerabilities in OpenAI’s ChatGPT that could allow malicious actors to steal private user data and launch attacks without any user interaction. The security flaws affect hundreds of millions of users…
Gootloader Returns with a New ZIP File Tactic to Conceal Malicious Payloads
Cybersecurity researchers have discovered a resurgent Gootloader malware campaign employing sophisticated new evasion techniques that exploit ZIP archive manipulation to evade detection and analysis. Credit for uncovering this latest threat goes to security researcher RussianPanda and the team at Huntress,…
Clop Ransomware Group Exploits New 0-Day Vulnerabilities in Active Attacks
The Clop ransomware group continues to pose a significant threat to enterprise organizations worldwide, with recent analysis revealing their exploitation of a critical zero-day vulnerability in Oracle E-Business Suite. Operating since early 2019, Clop has established itself as one of…
Microsoft Issues Alert: BitLocker Recovery Risk After October 2025 Updates
Microsoft has issued an urgent advisory for Windows users, confirming that a recent set of security updates released after October 14, 2025 may cause certain systems to boot into the BitLocker recovery screen upon restart. The issue, currently under active…