Cybersecurity researchers have uncovered an extensive phishing campaign orchestrated by APT Sidewinder, a persistent threat actor believed to originate from South Asia, targeting government and military institutions across Bangladesh, Nepal, and Turkey through sophisticated credential harvesting operations that exploit trusted…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data
Microsoft security researchers have uncovered four critical vulnerabilities in Windows BitLocker that could allow attackers with physical access to bypass the encryption system and extract sensitive data. The findings, revealed in research dubbed “BitUnlocker,” demonstrate sophisticated attack methods targeting the…
Critical Linux Kernel Vulnerability Allows Attackers Gain Full Kernel-Level Control From Chrome Sandbox
August 9, 2025: A severe security vulnerability in the Linux kernel, dubbed CVE-2025-38236, has been uncovered by Google Project Zero researcher Jann Horn, exposing a pathway for attackers ranging from native code execution within the Chrome renderer sandbox to full…
Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability
The cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on the public internet, vulnerable to a critical security flaw designated CVE-2025-53786. This high-severity vulnerability, which carries a CVSS score of…
ChromeAlone – A Browser Based Cobalt Strike Like C2 Tool That Turns Chrome Into a Hacker’s Playground
At DEF CON 33, security researcher Mike Weber of Praetorian Security unveiled ChromeAlone — a Chromium-based browser Command & Control (C2) framework capable of replacing traditional offensive security implants like Cobalt Strike or Meterpreter. Not long ago, web browsers were…
CastleBot MaaS Released Diverse Payloads in Coordinated Mass Ransomware Attacks
IBM X-Force has uncovered CastleBot, a nascent malware framework operating as a Malware-as-a-Service (MaaS) platform, enabling cybercriminals to deploy a spectrum of payloads ranging from infostealers to sophisticated backdoors implicated in ransomware operations. First detected in early 2025 with heightened…
Typosquatted PyPI Packages Used by Threat Actors to Steal Cryptocurrency from Bittensor Wallets
GitLab’s Vulnerability Research team has uncovered a highly sophisticated cryptocurrency theft campaign exploiting typosquatted Python packages on the Python Package Index (PyPI) to target the Bittensor decentralized AI network. The operation, detected through GitLab’s automated package monitoring system, involved the…
Efimer Malicious Script Spreads via WordPress Sites, Torrents, and Email in Massive Attack Wave
Kaspersky researchers have uncovered a widespread campaign involving the Efimer malicious script, a sophisticated Trojan-dropper primarily aimed at stealing cryptocurrency. First detected in June 2025, the malware impersonates legal correspondence from major companies, accusing recipients of domain name infringements and…
Over 5,000 Fake Online Pharmacies Caught Selling Counterfeit Medicines
Researchers at Gen have uncovered a vast network of over 5,000 fraudulent online pharmacy domains operated by a single cybercriminal entity dubbed MediPhantom. This elaborate PharmaFraud operation exploits advanced techniques including domain hijacking, search engine optimization manipulation, and AI-generated content…
DarkCloud Stealer Uses Novel Infection Chain and ConfuserEx Obfuscation Techniques
Unit 42 researchers have identified a significant evolution in the distribution tactics of DarkCloud Stealer, an infostealer malware first observed shifting its delivery mechanisms in early April 2025. This update introduces a novel infection chain that incorporates advanced obfuscation via…
DarkCloud Stealer Targets Windows Systems to Harvest Login Credentials and Financial Data
A new variant of the DarkCloud information-stealer malware has been observed targeting Microsoft Windows systems, primarily affecting Windows users by collecting sensitive data such as login credentials, financial information, and personal contacts. Discovered in early July 2025 by Fortinet’s FortiGuard…
Axis Camera Server Vulnerabilities Expose Thousands of Organizations to Attack
Claroty’s Team82 research unit has unveiled four vulnerabilities affecting Axis Communications’ widely deployed video surveillance ecosystem, potentially endangering thousands of organizations worldwide. These flaws, centered on the proprietary Axis.Remoting communication protocol, enable pre-authentication remote code execution (RCE) on key components…
Columbia University Data Breach Exposes Personal and Financial Data of 870,000
Columbia University disclosed a significant cybersecurity incident that compromised personal and financial information of nearly 870,000 individuals, making it one of the largest data breaches affecting an educational institution this year. The breach, which occurred between May 16 and June…
VexTrio TDS Deploys Malicious VPN Apps on Google Play and App Store
VexTrio, a sophisticated threat actor known for operating a massive traffic distribution system (TDS), has expanded its malicious activities by deploying fake VPN applications on major app stores, including Google Play and the Apple App Store. Originating from a merger…
Record-Breaking GreedyBear Attack Uses 650 Hacking Tools to Steal $1M from Victims
The threat actor group dubbed GreedyBear has orchestrated an industrial-scale operation blending malicious browser extensions, executable malware, and phishing infrastructure to siphon over $1 million in cryptocurrency from victims. This coordinated assault, uncovered by Koi Security researchers, leverages a staggering…
PyPI Issues Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers
The Python Package Index (PyPI) has announced new restrictions aimed at mitigating ZIP parser confusion attacks that could exploit discrepancies in how Python package installers and inspectors handle ZIP archives. This move comes in response to vulnerabilities identified in tools…
Windows UAC Bypass Exploits Character Map Tool for Privilege Escalation
Cybersecurity researchers have uncovered a new technique that allows attackers to bypass Windows User Account Control (UAC) protections by exploiting an unexpected vulnerability in the system’s Private Character Editor tool, potentially granting unauthorized administrative privileges without user consent. The exploit…
Multiple Security Vulnerabilities Found in WWBN AVideo, MedDream, and Eclipse ThreadX
Cisco Talos’ Vulnerability Discovery & Research team has disclosed a total of 12 critical security vulnerabilities across three popular software platforms, highlighting significant security risks that could potentially impact millions of users worldwide. The disclosure includes seven vulnerabilities in WWBN…
CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released ten industrial control systems (ICS) advisories on August 7, 2025, highlighting critical vulnerabilities across various industrial automation and control platforms. These advisories represent a comprehensive effort to address security gaps that…
US Confirms Takedown of BlackSuit Ransomware Behind 450+ Hacks
Federal law enforcement agencies have successfully dismantled the critical infrastructure of BlackSuit ransomware, a sophisticated cybercriminal operation that has compromised over 450 victims across the United States since 2022 and collected more than $370 million in ransom payments. Major International…