Critical security vulnerability in F5 BIG-IP systems has been discovered that allows authenticated administrators to execute arbitrary system commands, effectively bypassing security boundaries. Identified as CVE-2025-31644, the command injection flaw affects multiple versions of BIG-IP running in Appliance mode. Security…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Four Hackers Caught Exploiting Old Routers as Proxy Servers
U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and…
Hackers Abuse PyInstaller to Deploy Stealthy macOS Infostealer
Jamf Threat Labs has identified a novel macOS infostealer that exploits PyInstaller, a legitimate open-source tool used to bundle Python scripts into standalone Mach-O executables. This marks the first documented instance of PyInstaller being weaponized to deploy infostealers on macOS,…
PupkinStealer Targets Windows Users to Steal Browser Login Credentials
A newly identified information-stealing malware dubbed PupkinStealer has emerged as a significant threat to Windows users, with its first sightings reported in April 2025. Written in C# using the .NET framework, this malicious software is engineered to pilfer sensitive data,…
Repeated Firmware Key-Management Failures Undermine Intel Boot Guard and UEFI Secure Boot
The security of fundamental technologies like Intel Boot Guard and UEFI Secure Boot has been seriously questioned due to persistent cryptographic key management issues within the UEFI firmware ecosystem, which have been exposed in a number of concerning exposes. These…
Asus One-Click Flaw Exposes Users to Remote Code Execution Attacks
Critical security vulnerability in ASUS DriverHub software has been discovered that allowed attackers to execute arbitrary code with administrator privileges through a simple web visit. Security researcher identified and reported the vulnerability in April 2025, which has since been patched…
CISA Flags Hidden Functionality Flaw in TeleMessage TM SGNL on KEV List
Cybersecurity and Infrastructure Security Agency (CISA) has escalated its advisory for TeleMessage TM SGNL, adding a critical hidden functionality vulnerability (CVE-2025-47729) to its Known Exploited Vulnerabilities (KEV) catalog. This flaw exposes cleartext copies of user messages within the platform’s archiving…
Cobalt Strike 4.11.1 Released With SSL Checkbox Fix
Cobalt Strike has announced the release of version 4.11.1, an out-of-band update addressing several critical issues discovered in the previous 4.11 release. The update primarily fixes a module stomping issue that could cause system crashes in specific circumstances, resolves problems…
Attackers Leverage Unpatched Output Messenger 0‑Day to Deliver Malicious Payloads
A Türkiye-affiliated espionage threat actor, tracked by Microsoft Threat Intelligence as Marbled Dust (also known as Sea Turtle and UNC1326), has been exploiting a zero-day vulnerability in Output Messenger, a popular multiplatform chat software. Identified as CVE-2025-27920, this directory traversal…
Researchers Uncover Remote IT Job Fraud Scheme Involving North Korean Nationals
The United States indicted fourteen North Korean nationals for orchestrating a sophisticated scheme to secure remote IT jobs at American companies and nonprofits using stolen identities. This operation, which has funneled at least $88 million USD to the North Korean…
Apple Releases Security Patches to Fix Critical Data Exposure Flaws
Apple released critical security updates for macOS Sequoia 15.5 on May 12, 2025, addressing over 40 vulnerabilities across system components ranging from kernel-level memory corruption risks to app sandbox escapes. The patches target flaws that could allow attackers to access…
New Noodlophile Malware Spreads Through Fake AI Video Generation Platforms
Cybercriminals have unleashed a new malware campaign using fake AI video generation platforms as a lure. Dubbed Noodlophile Stealer, this previously undocumented infostealer targets unsuspecting users by exploiting their enthusiasm for AI-powered content creation tools. Disguised as legitimate services promising…
Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques
Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware has evolved with sophisticated PowerShell tools and advanced evasion tactics, leveraging fake CAPTCHA sites to deceive users. Active since mid-2022 and offered as Malware-as-a-Service (MaaS) by…
APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations
The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear phishing campaign targeting activists focused on North Korean issues. Named “Operation: ToyBox Story” by Genians Security Center (GSC), this campaign exploited legitimate cloud services, primarily Dropbox,…
Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns
The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black Banshee,” has been active since at least 2012, targeting nations like South Korea, Japan, and the United States with sophisticated cyber espionage campaigns. Recently, new Indicators…
Open Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!
IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core Update 194, packed with security enhancements, performance improvements, and new features to safeguard networks of all sizes. Renowned for its robust feature set, IPFire continues to…
20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week
A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s Black Lotus Labs, the U.S. Department of Justice, the Federal Bureau of Investigation (FBI), and the Dutch National Police. This botnet, operational since 2004 according to…
Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft
Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded by script kiddies and hacktivists, have undergone a sophisticated transformation in today’s complex, hybrid-cloud environments. No longer just blunt instruments aimed at overwhelming systems, DDoS attacks…
Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection
Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email security measures. Blob URIs, typically used by browsers to handle…
“PupkinStealer” – .NET Malware Steals Browser Data and Exfiltrates via Telegram
A new information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to individuals and enterprises. Developed in C# using the .NET framework, this 32-bit GUI-based Windows executable targets sensitive user data with a focused and efficient approach. First observed…