Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A newly identified cyberattack campaign has surfaced, leveraging the recognizable branding of India’s Ministry of Defence to distribute cross-platform malware targeting both Windows and Linux systems. Uncovered by threat intelligence researchers at Hunt.io, this operation employs a ClickFix-style infection chain,…

Read more →

Mozilla’s Chief Financial Officer testified that Firefox could face extinction if Justice Department proposals targeting Google’s search dominance are fully implemented, revealing the browser’s precarious financial position amid ongoing antitrust proceedings. Mozilla Corporation CFO Eric Muhlheim delivered stark testimony Friday,…

Read more →

Employee at Elon Musk’s artificial intelligence firm xAI inadvertently exposed a private API key on GitHub for over two months, granting unauthorized access to proprietary large language models (LLMs) fine-tuned on internal data from SpaceX, Tesla, and Twitter/X. Security researchers…

Read more →

Irish Data Protection Commission (DPC) has imposed a landmark €530 million fine on TikTok Technology Limited for illegally transferring European Economic Area (EEA) user data to China and failing to meet transparency obligations under the General Data Protection Regulation (GDPR).…

Read more →

Target application included a username field restricted by a frontend regex filter (/^[a-zA-Z0-9]{1,20}$/), designed to accept only alphanumeric characters. While this initially appeared robust, the researcher discovered that the backend failed to revalidate inputs after the regex check. This oversight…

Read more →

Google has integrated advanced AI-powered image editing tools directly into its Gemini app, enabling users to manipulate both AI-generated and uploaded images through text prompts. The update, which began rolling out globally on May 5, 2025, introduces multi-step editing workflows,…

Read more →

Security researchers have released GPOHound, a powerful open-source tool designed to analyze Group Policy Objects (GPOs) in Active Directory environments for misconfigurations and privilege escalation risks. Developed by cybersecurity firm Cogiceo, the tool automates the detection of insecure settings like exposed…

Read more →

A major security scare has erupted in Washington after reports emerged that a Trump associate was using an unofficial version of the secure messaging platform Signal-an application that was subsequently targeted in a data breach, according to a Sunday report…

Read more →

A critical vulnerability has been uncovered in Microsoft’s Telnet Client (telnet.exe), enabling attackers to steal Windows credentials from unsuspecting users, even without interaction in certain network scenarios. Security researchers warn that this “zero-click” flaw could be readily exploited in corporate…

Read more →

A newly discovered pre-authentication denial-of-service (DoS) vulnerability in Microsoft’s Windows Deployment Services (WDS) exposes enterprise networks to instant system crashes via malicious UDP packets. Dubbed a “0-click” flaw, attackers can exploit it remotely without user interaction, draining server memory until critical services…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding an actively exploited vulnerability in Langflow, a popular open-source framework for building language model applications. Tracked as CVE-2025-3248, the flaw allows unauthenticated attackers to execute malicious code remotely, posing…

Read more →

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems across industries such as real estate, pharmaceuticals, and manufacturing. As reported by CYFIRMA, this ransomware employs a sophisticated double-extortion strategy, encrypting victims’ data while exfiltrating sensitive…

Read more →

The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked Transparent Tribe (APT36) targeting Indian Government and Defense personnel. This operation, centered around the recent Pahalgam terror attack on April 22, 2025, leverages emotionally charged themes…

Read more →

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu, has been targeting UK companies in the retail, hospitality, and critical national infrastructure (CNI) sectors in a recently discovered cyber espionage and profit-driven operation called “Operation…

Read more →

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its focus to corporate Human Resources (HR) departments with a highly targeted spear-phishing operation. According to research by Arctic Wolf Labs, the group is leveraging legitimate job…

Read more →

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21 popular e-commerce applications, granting hackers full control over hundreds of online stores. This malicious campaign, which began with the injection of backdoors as early as six…

Read more →

X Business, a small e-commerce store dealing in handmade home décor, became the latest victim of a devastating cyberattack orchestrated by a sophisticated malware strain known as Chimera. What begann as a routine inventory management system update spiraled into a…

Read more →

A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating under the alias “GatewayPhantom,” is marketing the 0-day vulnerability as a tool for SMS interception,…

Read more →

The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant threat, employing the cunning “ClickFix” social engineering technique to compromise unsuspecting users. This malware, rewritten from C to C++ with an advanced binary morpher, targets…

Read more →

MediaTek, a leading provider of chipset technology for smartphones, tablets, AIoT, and smart TVs, has released critical patches addressing several security vulnerabilities across its product portfolio. The newly published MediaTek Product Security Bulletin details the flaws, their potential impacts, and…

Read more →