Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage a Microsoft Help Index File (.mshi) to deploy the PipeMagic backdoor, marking a notable evolution in malware delivery methods. This development ties into the exploitation of CVE-2025-29824, a zero-day…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Weaponized Python Package “termncolor” Uses Windows Run Key for Persistence
Cybersecurity experts discovered a complex supply chain attack that originated from the Python Package Index (PyPI) in a recent disclosure from Zscaler ThreatLabz. The package in question, termed “termncolor,” masquerades as a benign color utility for Python terminals but covertly…
Threat Actors Exploit Telegram as the Communication Channel to Exfiltrate Stolen Data
tLab Technologies, a Kazakhstan-based company that specializes in advanced threat prevention, discovered one of the first known phishing attempts in the region that targeted public sector clients in a recent cybersecurity incident. The attack leveraged a professionally crafted fake login…
Technical Details of SAP 0-Day Exploitation Script for RCE Revealed
Cybersecurity researchers have unveiled the inner workings of an exploit script targeting a critical zero-day vulnerability in SAP NetWeaver’s Visual Composer Metadata Uploader, now designated as CVE-2025–31324. This flaw stems from a missing authorization check on the HTTP endpoint /developmentserver/metadatauploader,…
Bragg Confirms Cyberattack, Internal IT Systems Breached
Bragg Gaming Group (NASDAQ: BRAG, TSX: BRAG), a prominent content and technology provider in the online gaming industry, has disclosed a cybersecurity incident that compromised its internal computer systems over the weekend. The company discovered the breach on August 16,…
Linux Kernel Netfilter Flaw Enables Privilege Escalation
A critical vulnerability in the Linux kernel’s netfilter subsystem has been discovered that allows local attackers to escalate privileges through an out-of-bounds write condition. The flaw, identified as CVE-2024-53141, affects the ipset bitmap functionality and could enable unprivileged users to gain…
DoJ Seizes $2.8M in Crypto from Zeppelin Ransomware Group
The Department of Justice has announced a significant victory against cybercriminals, seizing over $2.8 million in cryptocurrency and additional assets from a Zeppelin ransomware operation. The coordinated law enforcement action targeted Ianis Aleksandrovich Antropenko, who faces federal charges for his…
New Ghost-Tapping Attacks Target Apple Pay and Google Pay Users’ Linked Cards
Chinese-speaking cybercriminals are using ghost-tapping techniques to take advantage of Near Field Communication (NFC) relay tactics in a sophisticated evolution of payment card fraud. They are mainly targeting mobile payment services such as Apple Pay and Google Pay. This attack…
North Korean Hackers’ Secret Linux Malware Surfaces Online
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit tactics, compromised system details, and a sophisticated Linux rootkit. The dump, linked to a Chinese threat actor targeting South Korean…
The AI-Powered Trojan Horse Returns: How LLMs Revive Classic Cyber Threats
In an era where users rely on vigilance against shady websites and file hashing via platforms like VirusTotal, a new wave of trojan horses is challenging traditional defenses. These threats masquerade as legitimate desktop applications, such as recipe savers, AI-powered…
Workday Data Breach Exposes HR Records via Third-Party CRM Hack
Enterprise software giant Workday has disclosed a security incident involving unauthorized access to employee information through a compromised third-party customer relationship management (CRM) platform. The breach, discovered as part of a broader social engineering campaign targeting multiple large organizations, has…
Scammers Target Back-to-School Deals, Diverting Shoppers to Fraud Sites
As the back-to-school season intensifies, cybercriminals are exploiting the heightened online shopping activity by deploying sophisticated scams aimed at siphoning funds and personal data from unsuspecting consumers. According to retail analytics, U.S. households allocate approximately $860 per child on essentials…
Hundreds of TeslaMate Servers Expose Real-Time Vehicle Data
A security researcher has discovered that hundreds of self-hosted TeslaMate servers are exposing sensitive Tesla vehicle data to the public internet without any authentication, revealing real-time location tracking, charging patterns, and driving habits of unsuspecting owners. TeslaMate is a popular…
Rockwell ControlLogix Ethernet Vulnerability Exposes Systems to Remote Code Execution
A critical vulnerability in Rockwell Automation’s ControlLogix Ethernet modules has been discovered that could allow remote attackers to execute malicious code on industrial control systems. The vulnerability, identified as CVE-2025-7353, affects multiple ControlLogix communication modules and carries a severe CVSS…
Critical PostgreSQL Flaws Allow Code Injection During Restoration
The PostgreSQL Global Development Group released emergency security updates on August 14, 2025, addressing three critical vulnerabilities that enable code injection attacks during database restoration processes. The flaws affect all supported versions from PostgreSQL 13 through 17, requiring immediate patching…
Top 10 Best Patch Management Software For IT Security 2025
In the relentless battle against cyber threats in 2025, unpatched software remains a gaping vulnerability exploited by attackers worldwide. Outdated operating systems, applications riddled with known flaws, and missing security updates create an open invitation for malware, ransomware, and data…
Elastic EDR 0-Day Flaw Lets Hackers Evade Detection, Run Malware, and Trigger BSOD
AshES Cybersecurity has disclosed a severe zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) software that transforms the security tool into a weapon against the systems it’s designed to protect. The flaw, found in the Microsoft-signed kernel driver “elastic-endpoint-driver.sys,”…
PoC Released for Fortinet FortiSIEM Command Injection Flaw
Security researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise enterprise security monitoring systems without any credentials. The vulnerability, designated CVE-2025-25256, has already been exploited by attackers in real-world scenarios,…
Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages
A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to thousands of developer projects worldwide. The incident, discovered on July 18 by ReversingLabs’ automated threat…
Chinese Hackers Exploit Web Hosting Infrastructure for Cyberattacks
Cisco Talos researchers have uncovered a sophisticated Chinese-speaking advanced persistent threat (APT) group, designated UAT-7237, that has been actively targeting web hosting infrastructure in Taiwan since at least 2022. The group demonstrates significant operational overlaps with previously identified threat actor…