A hacker collective known as R00TK1T claims to have breached TikTok’s user database, allegedly leaking login information for over 900,000 users. The group, which has previously made waves in the hacking community with bold claims—often with little substantiated evidence—has taken…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Spring Security Vulnerability Exposes Valid Usernames to Attackers
A newly identified security vulnerability, CVE-2025-22234, has exposed a critical weakness in the widely-used Spring Security framework. According to the HeroDevs report, affecting several versions of the spring-security-crypto package, this flaw makes it possible for attackers to discern valid usernames…
Russian VPS Servers With RDP and Proxy Servers Enable North Korean Cybercrime Operations
Trend Research has uncovered a sophisticated network of cybercrime operations linked to North Korea, heavily utilizing Russian internet infrastructure. Specifically, IP address ranges in the towns of Khasan and Khabarovsk, Russia, assigned to organizations under TransTelecom (ASN AS20485), are pivotal…
Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw
Microsoft’s recent attempt to resolve a critical privilege escalation vulnerability has inadvertently introduced a new denial-of-service (DoS) flaw in Windows systems, leaving organizations vulnerable to update failures and potential security risks. In early April 2025, Microsoft addressed CVE-2025-21204, a security flaw…
SAP NetWeaver 0-Day Vulnerability Enables Webshell Deployment
Cybersecurity analysts have issued a high-priority warning after several incidents revealed active exploitation of SAP NetWeaver, the widely deployed enterprise integration platform. Attackers have leveraged an unreported 0-day vulnerability to deploy web shells, which give them remote command execution capabilities…
U.S. Secret Service Reveals Ways to Identify Credit Card Skimmers
With credit card skimming crimes escalating nationwide, the U.S. Secret Service’s Washington Field Office is sharing essential tips for the public to protect themselves from this growing threat, shared by Officials in LinkedIn post. According to the agency, credit card…
Lazarus APT Targets Organizations by Exploiting One-Day Vulnerabilities
A recent cyber espionage campaign by the notorious Lazarus Advanced Persistent Threat (APT) group, tracked as “Operation SyncHole,” has compromised at least six South Korean organizations across software, IT, financial, semiconductor, and telecommunications sectors since November 2024. According to detailed…
Verizon DBIR Report: Small Businesses Identified as Key Targets in Ransomware Attacks
Verizon Business’s 2025 Data Breach Investigations Report (DBIR), released on April 24, 2025, paints a stark picture of the cybersecurity landscape, drawing from an analysis of over 22,000 security incidents, including 12,195 confirmed data breaches. The report identifies credential abuse…
Weaponized SVG Files Used by Threat Actors to Redirect Users to Malicious Sites
Cybercriminals are increasingly weaponizing Scalable Vector Graphics (SVG) files to orchestrate sophisticated phishing campaigns. According to research from Intezer, a cybersecurity firm that triages millions of alerts for enterprises globally, attackers are embedding malicious JavaScript within SVG files to redirect…
Hackers Exploit Ivanti Connect Secure 0-Day to Deploy DslogdRAT and Web Shell
Threat actors exploited a zero-day vulnerability in Ivanti Connect Secure, identified as CVE-2025-0282, to deploy malicious tools including a web shell and a sophisticated remote access trojan (RAT) named DslogdRAT. According to a detailed analysis by JPCERT/CC, these attacks underscore…
New Steganography Campaign Exploits MS Office Vulnerability to Distribute AsyncRAT
A recently uncovered cyberattack campaign has brought steganography back into the spotlight, showcasing the creative and insidious methods attackers employ to deliver malware. This operation, dubbed the “Stego-Campaign,” exploits a known Microsoft Office vulnerability, CVE-2017-0199, to initiate infections and ultimately…
Threat Actors Exploiting Unsecured Kubernetes Clusters for Crypto Mining
In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic and complex nature of containerized environments poses significant challenges for security teams in detecting runtime…
ToyMaker Hackers Compromise Numerous Hosts via SSH and File Transfer Tools
In a alarming cybersecurity breach uncovered by Cisco Talos in 2023, a critical infrastructure enterprise fell victim to a meticulously orchestrated attack involving multiple threat actors. The initial access broker, identified as “ToyMaker” with medium confidence as a financially motivated…
NVIDIA NeMo Vulnerability Enables Remote Exploits
NVIDIA has issued an urgent security advisory addressing three high-severity vulnerabilities in its NeMo Framework, a platform widely used for developing AI-powered applications. The flaws, if exploited, could allow attackers to execute malicious code, tamper with data, or take control…
Commvault RCE Vulnerability Exploited—PoC Released
Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure of a major pre-authenticated remote code execution (RCE) vulnerability in Commvault’s on-premise backup and recovery software. The issue, tracked as CVE-2025-34028, has rocked the cybersecurity…
Multiple Cisco Tools at Risk from Erlang/OTP SSH Remote Code Execution Flaw
Cisco has issued a high-severity advisory (cisco-sa-erlang-otp-ssh-xyZZy) warning of a critical remote code execution (RCE) vulnerability in products using Erlang/OTP’s SSH server. The flaw, tracked as CVE-2025-32433, allows unauthenticated attackers to execute arbitrary code on vulnerable devices, posing systemic risks to…
Zyxel RCE Flaw Lets Attackers Run Commands Without Authentication
Security researcher Alessandro Sgreccia (aka “rainpwn”) has revealed a set of critical vulnerabilities in Zyxel’s USG FLEX-H firewall series that enable remote code execution (RCE) and privilege escalation—without authentication. The findings, affecting models including the FLEX 100H and FLEX 700H,…
Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory
A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash servers or exhaust system memory by exploiting improperly limited output buffers. The flaw affects Redis versions 2.6 and newer, with patches now available in updates 6.2.18, 7.2.8, and 7.4.3.…
Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score of 9.8, has been uncovered in Langflow, an open-source platform widely used for visually designing AI-driven agents and workflows. This flaw, residing in the platform’s /api/v1/validate/code…
Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities
Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat actors, particularly China-nexus groups. These adversaries are deploying custom malware ecosystems, exploiting zero-day vulnerabilities in security appliances, and utilizing proxy networks resembling botnets to evade…