Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

North Korean Advanced Persistent Threat (APT) hackers, specifically the Konni group, have shifted their focus to Ukrainian government agencies in a targeted phishing campaign aimed at stealing login credentials and distributing malware. This attack, observed in February 2025, marks a…

Read more →

Threat actors have exploited Discord’s invite system to distribute malicious links, ultimately delivering AsyncRAT and other harmful payloads. Discord, a widely trusted platform for gamers, developers, and communities, has become a target for cybercriminals who abuse its infrastructure particularly the…

Read more →

A new infrastructure linked to GrayAlpha, a cybercriminal entity overlapping with the notorious FIN7 group, has been exposed. This financially motivated threat actor, active since at least 2013, is known for its sophisticated attacks targeting retail, hospitality, and financial sectors.…

Read more →

A new and menacing player has emerged in the cybercrime landscape with the introduction of Anubis, a Ransomware-as-a-Service (RaaS) operation that blends traditional file encryption with a devastating file destruction capability. Active since December 2024, Anubis has quickly gained notoriety…

Read more →

Microsoft is set to enhance data security in Microsoft 365 by extending Purview Data Loss Prevention (DLP) controls to Copilot’s handling of sensitive email data. Starting January 1, 2025, Microsoft 365 Copilot will be prevented from processing emails that carry…

Read more →

A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store designed to steal users’ login credentials, specifically targeting cryptocurrency wallet holders. The campaign, identified by Cyble…

Read more →

A curious technique has emerged: hiding images inside DNS TXT records. This approach, which at first glance seems unorthodox, leverages the flexibility of DNS TXT records to store arbitrary data, including the binary data that makes up an image. The method…

Read more →

A critical security vulnerability has been identified in IBM’s Backup, Recovery, and Media Services (BRMS) for IBM i, potentially exposing enterprise environments to privilege escalation attacks. The flaw, tracked as CVE-2025-33108, affects versions 7.4 and 7.5 of the BRMS software,…

Read more →

Google Cloud experienced one of its most significant outages in recent years, disrupting a vast array of services and impacting millions of users and businesses worldwide. The disruption, which lasted for over three hours, was traced back to a critical…

Read more →

A critical security flaw has been uncovered in the keyless entry systems (KES) widely used in KIA vehicles across Ecuador, exposing thousands of cars to a heightened risk of theft. The vulnerability, identified by independent hardware security researcher Danilo Erazo,…

Read more →

Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in June. This update introduces a restructured Kali Menu, upgraded desktop environments, 13 new tools, and significant Kali NetHunter advancements, including…

Read more →

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware’s Spring Framework has been patched, affecting multiple versions of the widely used Java framework. The flaw enables attackers to execute malicious code by exploiting improperly configured Content-Disposition headers in a…

Read more →

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help organizations implement Zero Trust Architectures (ZTAs) using commercially available technologies. Implementing a Zero Trust Architecture (NIST SP 1800-35) provides 19 real-world implementation models, technical configurations, and…

Read more →

A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of critical Directory Service Accounts (DSAs), potentially compromising Active Directory environments. Rated 6.5 (Medium) on the CVSS v3.1 scale, this flaw…

Read more →

A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITY\SYSTEM privileges via a misconfigured Windows Named Pipe. The vulnerability, rated 8.8 on the CVSS scale, stems from insecure permissions on a custom…

Read more →

A critical vulnerability (CVE-2025-6031) has been identified in Amazon Cloud Cam devices, which reached end-of-life (EOL) status in December 2022. The flaw allows attackers to bypass SSL pinning during device pairing, enabling man-in-the-middle (MitM) attacks and network traffic manipulation. Technical…

Read more →

A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth 2.0 Device Code Flow. Security experts, notably from Praetorian, have warned that threat actors are leveraging this mechanism to trick…

Read more →

Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in the widely used SimpleHelp Remote Monitoring and Management (RMM) platform. The Cybersecurity and Infrastructure Security Agency…

Read more →

HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through improper ACL policy enforcement. The vulnerability, rated 8.1 CVSS, enables attackers to bypass namespace restrictions via…

Read more →

Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of…

Read more →