A colossal 400GB trove containing data from 2.873 billion X (formerly Twitter) users has surfaced on hacker forums. The breach, allegedly dated January 2025, is now being deemed one of the largest data leaks in social media history. Breach Origin…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
PortSwigger Launches Burp AI to Enhance Penetration Testing with AI
PortSwigger, the maker of Burp Suite, has taken a giant leap forward in the field of cybersecurity with the launch of Burp AI, a groundbreaking set of artificial intelligence (AI) features designed to streamline and enhance penetration testing workflows. With Burp…
Chord Specialty Dental Partners Data Breach Exposes Customer Personal Data
Chord Specialty Dental Partners is under scrutiny after revealing a data breach that compromised the personal and health information of its customers. The breach, which involved unauthorized access to employee email accounts, has left the sensitive data of thousands of…
LensDeal Data Breach Exposes 100,000 Customers’ Personal Information
A major data breach involving LensDeal, a Netherlands-based contact lens supplier, has reportedly exposed the personal information of over 100,000 customers. According to the Cyber Security Hub post, the breach affects 115,096 individuals and includes sensitive details such as full…
Kentico Xperience CMS XSS Vulnerability Allows Remote Code Execution
Kentico Xperience CMS, a widely used platform designed for enterprises and organizations, is under scrutiny after a vulnerability chain was discovered that exploits Cross-Site Scripting (XSS) to enable Remote Code Execution (RCE). This vulnerability was disclosed by researchers who demonstrated…
Microsoft Discovers GRUB2, U-Boot, and Barebox Bootloader Flaws with Copilot
Microsoft has disclosed the discovery of multiple critical vulnerabilities within the GRUB2, U-Boot, and Barebox bootloaders, leveraging its AI-driven Security Copilot platform for advanced threat analysis. These bootloaders, integral to the Unified Extensible Firmware Interface (UEFI) Secure Boot framework and…
Apple Issues Warning on Three 0-Day Vulnerabilities Under Active Exploitation
Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities – CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 – which are being actively exploited in the wild. These vulnerabilities affect a wide range of Apple devices, including iPhones, iPads, Macs, Apple Watches, and even the…
Rockwell Automation Vulnerability Allows Attackers to Execute Arbitrary Commands
Rockwell Automation has identified a critical flaw in its Verve Asset Manager software, exposing industrial systems to potential exploitation. The vulnerability, tracked as CVE-2025-1449, enables attackers with administrative access to execute arbitrary commands within the containerized service environment. This flaw has been rated…
Check Point Confirms Data Breach, Says Leaked Information is ‘Old’
Cybersecurity giant Check Point has confirmed that a recent post on a notorious dark web forum, BreachForums, attempting to sell allegedly hacked data from the company, relates to an “old, known, and pinpointed event.” The incident, according to Check Point,…
CrushFTP Security Vulnerability Under Attack After PoC Release
A recently disclosed security vulnerability in CrushFTP, identified as CVE-2025-2825, has become the target of active exploitation attempts following the release of publicly available proof-of-concept (PoC) exploit code. Shadowserver Foundation, a reputable cybersecurity monitoring organization, disclosed the alarming surge in…
CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning organizations about a critical vulnerability in Cisco’s Smart Licensing Utility (SLU) software that has reportedly been exploited in cyberattacks. The vulnerability, assigned CVE-2024-20439, stems from a static…
Linux Lite 7.4 Final Released: Enhanced GUI and Bug Fixes
Linux Lite, a popular lightweight Linux distribution aimed at making Linux accessible to beginners, has officially released its Linux Lite 7.4 Final version. This release comes with several incremental updates that improve functionality, address bugs, and refine the user interface, ensuring a…
Hackers Deploy 24,000 IPs to Breach Palo Alto Networks GlobalProtect
A wave of malicious activity targeting Palo Alto Networks PAN-OS GlobalProtect portals has been observed, with nearly 24,000 unique IPs attempting unauthorized access over the past 30 days. This coordinated effort, flagged by cybersecurity firm GreyNoise, highlights the growing sophistication…
Triton RAT Uses Telegram for Remote System Access and Control
Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data exfiltration. This open-source malware, available on GitHub, is designed to execute a wide range of malicious…
DarkCloud: An Advanced Stealer Malware Sold on Telegram to Target Windows Data
DarkCloud, a highly advanced stealer malware, has emerged as a significant threat to Windows systems since its debut in 2022. Initially gaining traction through underground forums, the malware is now widely sold on Telegram, making it accessible to cybercriminals worldwide.…
“Lazarus Hackers Group” No Longer Refers to a Single APT Group But a Collection of Many Sub-Groups
The term “Lazarus Group,” once used to describe a singular Advanced Persistent Threat (APT) actor, has evolved to represent a complex network of sub-groups operating under shared objectives and tactics. This shift reflects the growing scale and diversification of their…
Earth Alux Hackers Use VARGEIT Malware to Target Organizations
A new wave of cyberattacks orchestrated by the advanced persistent threat (APT) group Earth Alux has been uncovered, revealing the use of sophisticated malware, including the VARGEIT backdoor, to infiltrate critical industries. Linked to China, Earth Alux has been targeting…
Operation HollowQuill – Weaponized PDFs Deliver a Cobalt Strike Malware Into Gov & Military Networks
In a recent revelation by SEQRITE Labs, a highly sophisticated cyber-espionage campaign, dubbed Operation HollowQuill, has been uncovered. The operation targets academic, governmental, and defense-related networks in Russia using weaponized decoy PDFs to deliver Cobalt Strike malware implants. The campaign…
Konni RAT Exploits Windows Explorer Limitations to Launch a Multi-Stage Attack & Steal Data
Konni RAT, a highly advanced Remote Access Trojan (RAT), has emerged as a significant cybersecurity threat, leveraging Windows Explorer limitations to execute multi-stage attacks. This malware employs a combination of batch files, PowerShell scripts, and VBScript to infiltrate systems, exfiltrate…
Weaponized Zoom Installer Used by Hackers to Gain RDP Access and Deploy BlackSuit Ransomware
Cybersecurity researchers have uncovered a sophisticated attack campaign where threat actors utilized a trojanized Zoom installer to infiltrate systems, gain remote desktop protocol (RDP) access, and ultimately deploy the BlackSuit ransomware. The operation demonstrates a highly coordinated, multi-stage malware delivery…