A newly disclosed security vulnerability in Elastic’s Kibana platform has put thousands of businesses at risk, with attackers able to execute arbitrary code on vulnerable systems. The flaw, identified as CVE-2025-25014, carries a critical CVSS score of 9.1, underscoring the urgency for…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
IT Worker from Computacenter Let Girlfriend Into Deutsche Bank’s Restricted Areas
A former information technology manager has filed a whistleblower lawsuit alleging a major security breach at Deutsche Bank’s Manhattan headquarters, claiming a fellow IT contractor repeatedly brought his girlfriend – an unauthorized Chinese national with computer expertise – into the…
NSO Group Ordered to Pay $168 Million to WhatsApp in US Spyware Verdict
A federal jury in California has ordered Israeli spyware maker NSO Group to pay approximately $168 million in damages to WhatsApp. The verdict, delivered on Tuesday, represents a pivotal victory in the ongoing global battle against commercial cyberespionage and sets…
UNC3944 Hackers Shift from SIM Swapping to Ransomware and Data Extortion
UNC3944, a financially-motivated threat actor also linked to the group known as Scattered Spider, has transitioned from niche SIM swapping operations targeting telecommunications organizations to a more aggressive focus on ransomware and data theft extortion across diverse industries. Initially observed…
Uncovering the Security Risks of Data Exposure in AI-Powered Tools like Snowflake’s CORTEX
As artificial intelligence continues to reshape the technological landscape, tools like Snowflake’s CORTEX Search Service are revolutionizing data retrieval with advanced fuzzy search and LLM-driven Retrieval Augmented Generation (RAG) capabilities. However, beneath the promise of efficiency lies a critical security…
BFDOOR Malware Targets Organizations to Establish Long-Term Persistence
The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations, particularly in the telecommunications sector. First identified by PwC in 2021, BPFDoor is a highly sophisticated backdoor malware designed to infiltrate Linux systems with an emphasis…
Over 2,800 Hacked Websites Targeting MacOS Users with AMOS Stealer Malware
Cybersecurity researcher has uncovered a massive malware campaign targeting MacOS users through approximately 2,800 compromised websites. The operation, dubbed “MacReaper,” uses sophisticated social engineering and blockchain technology to deliver the Atomic Stealer (AMOS) malware, capable of stealing passwords, cryptocurrency wallets,…
Microsoft Alerts That Default Helm Charts May Expose Kubernetes Apps to Data Leaks
Microsoft’s cybersecurity research team has issued a stark warning about the risks of using default Helm charts and Kubernetes deployment templates, revealing that popular cloud-native applications like Apache Pinot, Meshery, and Selenium Grid are being deployed with critical security gaps.…
Hackers Bypass AI Filters from Microsoft, Nvidia, and Meta Using a Simple Emoji
Cybersecurity researchers have uncovered a critical flaw in the content moderation systems of AI models developed by industry giants Microsoft, Nvidia, and Meta. Hackers have reportedly found a way to bypass the stringent filters designed to prevent the generation of…
Ransomware Attacks on Food & Agriculture Industry Surge 100% – 84 Attacks in Just 3 Months
The food and agriculture industry is facing an unprecedented wave of cybersecurity threats in 2025, with ransomware attacks doubling in the first quarter compared to the same period in 2024. Speaking at the RSA Conference on Thursday, Jonathan Braley, director…
Popular Instagram Blogger’s Account Hacked to Phish Users and Steal Banking Credentials
A high-profile Russian Instagram blogger recently fell victim to a sophisticated cyberattack, where scammers hijacked her account to orchestrate a fake $125,000 cash giveaway. The attackers employed advanced techniques, including AI-generated deepfake videos and meticulously crafted phishing campaigns, to deceive…
Microsoft Resolves Group Policy Issue Blocking Windows 11 24H2 Installation
Microsoft has resolved a critical enterprise-focused bug that blocked organizations from deploying Windows 11 24H2 through Windows Server Update Services (WSUS), alongside addressing a separate dual-boot Linux compatibility issue tied to older security updates. These fixes come as part of…
Darcula PhaaS: 884,000 Credit Card Details Stolen from 13 Million Global User Clicks
The Darcula group has orchestrated a massive phishing-as-a-service (PhaaS) operation, dubbed Magic Cat, compromising an estimated 884,000 credit card details from over 13 million user interactions worldwide. This smishing (SMS phishing) campaign, first detected in December 2023, impersonates trusted brands…
Initial Access Brokers Play a Vital Role in Modern Ransomware Attacks
The ransomware threat landscape has evolved dramatically in recent years, with specialized cybercriminals like Initial Access Brokers (IAbBs) emerging as critical enablers in the Ransomware-as-a-Service (RaaS) ecosystem. These actors serve as high-value middlemen, focusing on breaching organizational networks and selling…
Hackers Targeting Schools and Universities in New Mexico with Cyber Attacks
A major cyberattack on the Coweta County School System’s computer network occurred late Friday night, which is a worrying development for New Mexico’s educational institutions. The unauthorized intrusion, detected around 7:00 p.m., prompted immediate action from the school system’s IT department and external cybersecurity partners. Following established protocols, critical systems were taken offline to halt the malicious activity and trace its origins. This…
Microsoft 365 Copilot and Office Apps Now Protected by SafeLinks at Click Time
Microsoft announced a major update aimed at bolstering the cybersecurity of its flagship AI-powered productivity assistant, Microsoft 365 Copilot, and its suite of Office apps. The integration of SafeLinks protection at time-of-click marks a significant step forward in safeguarding users…
DragonForce Ransomware Targets Major UK Retailers, Including Harrods, Marks & Spencer, and Co-Op
Major UK retailers including Harrods, Marks and Spencer, and Co-Op are currently experiencing significant service disruptions following a series of coordinated ransomware attacks attributed to the DragonForce group. The attacks have affected critical business functions including payment systems, inventory management,…
Google’s NotebookLM Introduces Voice Summaries in Over 50 Languages
Google has significantly expanded the capabilities of NotebookLM, its AI-powered research tool, by introducing Audio Overviews in more than 50 languages. This enhancement builds upon the platform’s global expansion to over 200 countries last year and marks a pivotal development…
OpenAI Shifts For-Profit Branch to Public Benefit Corporation, Staying Under Nonprofit Oversight
Landmark organizational shift, OpenAI announced its transition from a capped-profit LLC to a Public Benefit Corporation (PBC) while maintaining governance under its original nonprofit structure. The move, detailed in a May 2025 letter from CEO Sam Altman, aims to balance…
Android Security Update -A Critical RCE Vulnerability Actively Exploited in the Wild
Google has released critical security patches for Android devices to address 57 vulnerabilities across multiple subsystems, including an actively exploited remote code execution flaw tracked as CVE-2025-27363. The May 2025 security bulletin confirms this high-severity vulnerability in Android’s System component…