Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys…

Read more →

Sensata Technologies, Inc., a major technology company based in Attleboro, Massachusetts, has disclosed a significant cybersecurity incident that compromised personal information of hundreds of individuals. The external system breach, discovered in late May, affected at least 362 Maine residents and…

Read more →

Security researchers have identified a critical vulnerability in Roundcube Webmail that affects over 84,000 unpatched installations worldwide, according to data from The Shadowserver Foundation. The vulnerability, designated CVE-2025-49113, enables authenticated attackers to execute arbitrary code remotely and has already been…

Read more →

A critical security vulnerability has been discovered in ManageEngine Exchange Reporter Plus, a popular email monitoring and reporting solution, that could allow attackers to execute arbitrary commands on target servers. The vulnerability, assigned CVE-2025-3835, affects all builds up to version…

Read more →

A security researcher has disclosed a critical vulnerability in Google’s account recovery system that allowed attackers to brute-force and obtain the phone numbers of any Google user. The vulnerability , discovered in 2025, exploited Google’s username recovery form that continued…

Read more →

SentinelLABS, a sophisticated reconnaissance operation targeting SentinelOne, a leading cybersecurity vendor, has been detailed as part of a broader espionage campaign linked to China-nexus threat actors. Tracked under the activity clusters PurpleHaze and ShadowPad, these operations spanned from July 2024…

Read more →

In a recent research by Proofpoint and Threatray has unveiled the intricate and evolving malware arsenal of the Bitter group, also known as TA397, believed to be a state-backed actor aligned with the interests of the Indian government. Active since…

Read more →

Skitnet malware, also referred to as Bossnet, has emerged as a critical tool for ransomware gangs in 2025, showcasing a marked increase in operational efficiency for cybercriminals. First advertised on underground forums like RAMP on April 19, 2024, by a…

Read more →

On June 5, 2025, the United States Department of Justice (DOJ) filed a verified civil forfeiture complaint in the US District Court for the District of Columbia, seeking to permanently seize over $7.7 million in cryptocurrency, non-fungible tokens (NFTs), and…

Read more →

A recent investigation by cybersecurity researchers has revealed that tech giants Meta (formerly Facebook) and Yandex have been exploiting a fundamental design feature of the Android operating system—the ability for apps to listen on localhost ports—to covertly track users’ web…

Read more →

Google has highlighted a significant uptick in cyberattacks and scams targeting US consumers, with a particular focus on stealing login credentials. The FBI reports that online scams generated a staggering $16.6 billion in losses last year, reflecting a 33% increase…

Read more →

A new Windows-based malware named Blitz has been identified in 2024, with an updated version detected in early 2025. This malware, actively developed and distributed through deceptive game cheats, poses a significant threat by deploying a Monero cryptocurrency miner alongside…

Read more →

The Chinese state-sponsored threat actor APT41, also known as BARIUM, Wicked Panda, and Brass Typhoon, has been reported to exploit Google Calendar as a command-and-control (C2) mechanism in a recent campaign targeting a Taiwanese government website. This sophisticated group, active…

Read more →

A critical phishing campaign targeting Windows users has been uncovered by FortiGuard Labs, leveraging malicious Excel attachments to exploit a long-standing vulnerability in older versions of Microsoft Office. This sophisticated attack distributes FormBook, a notorious information-stealing malware designed to harvest…

Read more →

In an era where artificial intelligence (AI) is reshaping every facet of society, our mission remains steadfast: to ensure that artificial general intelligence (AGI) benefits all of humanity. By advancing AI tools that empower people to solve complex problems, we…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA), the U.S. government’s frontline civilian cybersecurity force, has lost nearly one-third of its workforce—roughly 1,000 employees—since the start of the current Trump administration, according to multiple sources and internal communications. This exodus, driven…

Read more →

Tel Aviv, Israel, June 9th, 2025, CyberNewsWire Available to the public and debuting at the Gartner Security & Risk Management Summit,BrowserTotal is a first of its kind browser security assessment tool conducting more than 120tests to provide posture standing, emerging…

Read more →

On the morning of May 20, 2025, Kettering Health, a major Ohio-based healthcare provider operating 14 medical centers and over 120 outpatient facilities, was struck by a sophisticated ransomware attack that forced a system-wide technology outage. The incident, attributed to…

Read more →

Tel Aviv, Israel, June 9th, 2025, CyberNewsWire Available to the public and debuting at the Gartner Security & Risk Management Summit,BrowserTotal is a first of its kind browser security assessment tool conducting more than 120tests to provide posture standing, emerging…

Read more →

QNAP has issued a security advisory warning users of Qsync Central about two critical vulnerabilities that could allow attackers to access sensitive data or execute malicious code. The affected software is widely used for synchronizing files across QNAP NAS devices…

Read more →